Samsung to fix its native keyboard vulnerability issue with KNOX

150617-galaxy-keyboard

UPDATE: To ensure you get the security policy update, follow the steps after the break.

Yesterday we reported that Samsung’s pre-installed keyboard had an exploit that could completely compromise your phone. Samsung has now announced that it is taking care of the problem using their own KNOX security feature. While the keyboard looks nothing like SwiftKey, its the SDK that Samsung uses for their word predictive feature that makes it vulnerable.

To recap, the exploit makes it possible for people with malicious intent to modify or install apps without your knowledge, grab GPS coordinates and access your camera, microphone, messages and locally stored files and Samsung believes that over 600 million phones are likely to be at risk.

Samsung KNOX is essentially a secure sandbox that they can use as a conduit of the fix and Samsung can bypass the need to send a firmware update out to the carriers to test it before it goes out to rectify the exploit faster. The new security policy updates will be rolling out in a few days so Samsung users can rest easy.

To doubly make sure you get your update for the fix, follow the steps below.

1. Enter your main settings menu and open the “Security” section.

2. Scroll down to “Other security settings” and elect “Security policy updates”

3. Check “Automatic Updates”

[VIA, 1][SOURCE]