Google has disclosed that a severe One UI threat has exposed data of some Samsung phones. The company’s Project Zero team revealed details of three Samsung phone zero-day security vulnerabilities that are exploited by a spyware vendor.
The vulnerabilities that were found in One UI software were used as part of an exploit series to target Samsung phones running Android. These chained exposures allow an attacker to gain kernel source codes of Galaxy smartphones and eventually expose their data.
The Google Project Zero security team further says that the hacker targets Samsung phones that feature an Exynos chip running a specific kernel version. Mostly, Galaxy phones with Exynos chips are available across Europe, the Middle East, and Africa, which are likely surveillance targets.
According to the information, the issues are already fixed. The vulnerabilities were exploited by an Android application that tricked some users into installing them without using the Google App Store.
The malicious app, as it is described earlier, allows attackers to break out of the application’s sandbox, which is specifically designed to secure access to the activity and the device’s operating system.
The first vulnerability in this chain (CVE-2021-25337) is the arbitrary file read and write, which was the foundation of this chain, used four different times, and used at least once in each step.
The second vulnerability (CVE-2021-25369) used by the chain is an information leak to leak the address of the task_struct and sys_call_table. Meanwhile, the final vulnerability in the chain (CVE-2021-25370) is a use-after-free of a file struct in the Display and Enhancement Controller (DECON) Samsung driver for the Display Processing Unit (DPU).
Furthermore, Google reported these vulnerabilities to Samsung in late 2020, when it received samples of the exploit. Whereas, the Korean company released the patch in March 2021.
Project Zero also reported that Samsung’s advisory still doesn’t mention wild exploits of these vulnerabilities, but it has promised to alert customers if malicious exploits are detected in the future.
Samsung’s One UI 6.0 Update: Galaxy S20, Note 20, and More Left Behind, New Options for Android Enthusiasts
Android 14 will soon start to roll out for Google Pixel phones. Samsung, on the other hand, started the One UI 6.0 Beta Program for Galaxy S23 series in August 2023. Samsung consumers have high expectations with the One UI 6.0 update, but many Galaxy devices are no longer supported.
Samsung should have pledged the Android 14 update for Galaxy S20 and Note 20 series, but it didn’t. It leads the Galaxy S20 FE to ineligibility for the next major update. Launched pre-installed with Android 10, the S20, Note 20 and S20 FE devices are no longer eligible for any major upgrade.
The popular Galaxy A series phones – Galaxy A51 and A71 have also finished their OS upgrade eligibility with the Android 13-based One UI 5.0. Now, the Korean tech giant focuses more on affordable phones, with the Galaxy A24 as a recent example, which will get 4 OS upgrades.
The 2nd generation Galaxy Z Fold smartphone was also eligible for three major updates. The company had released it with Android 10-based One UI 2.5, which means, it has also completed its big OTA lifespan with Android 13. You can check One UI 6.0 unsupported devices in the list below.
- Galaxy S20 Series
- Galaxy Note 20 Series
- Galaxy S20 FE (LTE/5G)
- Galaxy Z Fold 2 5G
- Galaxy A71 & Galaxy A51
How to get One UI 6
To experience the next Samsung mobile OS, you need to purchase a new Galaxy phone. There are a lot of sticking options, offering you a longer software lifespan across categories from budget to premium. Check the quick guide below, which embeds phones with great software support.
- Premium – Galaxy S23 series
- Bonus Tip – Galaxy S21 FE (flagship phone with affordability)
- Mid-range – Galaxy A54 and Galaxy A34
- Budget – Galaxy A24
Samsung unveils Good Lock 2024, launching alongside One UI 6 – New Features, Enhancements
Samsung Good Lock is a popular app and some users have been waiting for a long time for the app to be updated to support the latest One UI 6.0 based on Android 14. Now, the company has announced the Samsung Good Lock 2024 through the official community.
The Functional manager has recently shared some plans for the app’s future development. In a post on the Samsung Members app, the team revealed that Good Lock will be launched simultaneously with the official 6.0 distribution and that some modules will undergo major changes and improvements.
Samsung Good Lock 2024
One UI 6
- Good Lock will be launched simultaneously with the official 6.0 distribution.
- Good Lock: When installing apps with every upgrade, the company is trying to reduce the steps of moving to the store so they can be installed quickly and easily without moving.
- Edge lighting +: ‘Edge lighting +’, which was only available on the Galaxy foldable, will be introduced in earnest this time. With the cute pop effect you want when you receive notifications and make suggestions for improvement.
- Sound Assistant: It seems that decorating the volume panel is only done through color selection, so please look forward to the change by providing various effects and control method changes so that you can enjoy new decoration effects.
- Wonderland, which has changed with a unique lock screen effect, is preparing to enable new transition effects when moving between AOD and lock screen/home screen.
- Samsung is preparing to provide more detailed information about why my notifications are not ringing through NiceCatch.
One UI 6.1
- Many people have complained about the inconvenience of LockStar / Clock Face having a structure that is separate from the lock screen, so Samsung is preparing it so that it can be set naturally within the lock screen.
- This is a very big task, so the people in charge of the lock screen will be encouraged if you give some words of support.
- Kids Cafe is developing a feature that allows you to map desired functions to keyboard gestures and designate keyboard touch sounds as desired.
Changes and delayed features
- HomeUp is undergoing major structural improvements to support a wider variety of styles.
- The theme park has a structural implementation in addition to the theme of the terminal. Every time you install a theme, you may wonder why it takes so long to install an app. By changing the structure, the company want to improve these inconveniences and aim for a lighter theme.
Also, the ‘Dropship Ride Together’ feature will be released soon regardless of the 6.0 upgrade.
Samsung teases One UI 6.1 in Good Lock 2024 launch!
Samsung officially unveiled the Good Lock 2024 today and confirmed that it’s coming alongside the One UI 6. Beyond that, the company revealed some Good Lock functions that will be improved in the 6.1 version of the Android 14-based One UI software.
According to Samsung moderator, One UI 6.1-based Good Lock will bring fix for the structure problem of LockStar and ClockFace modules. The company is making changes to address the inconvenience of the lock screen so it can be set naturally within the lock screen.
In addition, a feature for the KeysCafe application is under development, which will allow you to map desired functions to keyboard gestures and designate keyboard touch sounds as desired. There will be more enhancements for apps and modules, which will be coming next year.
One UI 6 and One UI 6.1
Samsung will unveil the One UI 6.0 next month at its annual developers conference. This software is currently under Beta testing and is based on the Android 14 operating system. One UI 6.1, on the other hand, will come pre-installed with the Galaxy S24 series, bringing new features and tweaks.