A simple line of malicious code embedded in a Web page can cause some Samsung Galaxy smartphones to lose all their data, security researchers revealed recently. But Samsung says a fix has been out for months.
The code, composed of 11 digits and symbols, was revealed at a security conference in Argentina, according to a report by The Telegraph. Samsung issued a statement saying it has already dealt with the issue: 'We would like to assure customers that the recent security issue affecting the Galaxy S III has already been addressed in a software update. We believe this issue was isolated to early production devices, and devices currently available are not affected by this issue.
To ensure customers are fully protected, Samsung advises checking for software updates through the 'Settings: About device: Software update' menu. We are in the process of evaluating other Galaxy models.'
Teri Daley, senior director of public relations at Samsung, said in an interview that the company had found that the problem was addressed in a software update issued months ago, so only customers using older versions of the software would be vulnerable. She said the company was trying to determine the specific models and software versions that were affected by the vulnerability.
The Galaxy S III and some Galaxy S II smartphones have been found to be vulnerable to the attack. But again, Daley said customers who had downloaded the latest software should be safe.
Tim Strazzere, lead security engineer of Lookout, a mobile security firm, confirmed that the attack worked only on Galaxy devices with older software. He said other phones with Android would not be affected by the malicious code, and he recommended that phone owners always keep their software up to date. He also said Android users should use Google's Chrome browser instead of the standard one on the phone, or use Lookout's free app to protect their Android phones from malware.
Mobile devices are typically not as prone to running into viruses or malicious software as PCs, but smartphones have become bigger targets as their numbers have grown. Google in February introduced a security system called Bouncer, which analyses Android apps for suspicious code to prevent malware from entering the Android app store.