Updates
Samsung May 2023 One UI patch fixes issues of bootloader, Call, App Lock, and more
Samsung published May 2023 One UI patch details for Galaxy users. This security maintenance release will bring fixes for 21 Samsung Vulnerabilities and Exposures (SVE) items along with more than 58 common vulnerability exposures by Google.
Samsung May 2023 One UI patch
SVE-2023-0010 (CVE-2023-21489)
Out-of-bounds write vulnerability in bootloader
Heap out-of-bounds write vulnerability in bootloader before SMR May-2023 Release 1 allows a physical attacker to execute arbitrary code on Galaxy devices running Android 11/12/13 OS with Qualcomm processor onboard, the May 2023 release adds proper boundary check logic.
SVE-2022-2946 (CVE-2023-21486, CVE-2023-21485)
Improper export of Android application components in Call Settings
Improper export of Android application components vulnerability in Call Settings allows physical attackers to access some media data stored in the sandbox, which may have affected Galaxy devices running Android 11, 12, and 13. Samsung’s May One UI patch includes a proper solution to the vulnerability.
SVE-2022-2957(CVE-2023-21487)
Improper access control vulnerability in Telephony framework
Samsung phones on Android OS (v11, v12, and v13) may have been affected by improper access control vulnerability in the Telephony framework, which lets local attackers change a call setting. Thankfully, the new patch brings proper permission to protect a receiver.
SVE-2022-2821(CVE-2023-21484)
Improper access control vulnerability in AppLock
Improper access control vulnerability in AppLock allows local attackers without proper permission to execute a privileged operation on Samsung devices with Android 11, 12, and 13. Meanwhile, the May patch adds a permission check.
In addition, Samsung’s latest Galaxy security software brings patches to a handful of more moderate issues related to FactoryTest, Knox Enrollment Service, SemShareFileProvider, ActivityManagerService, ThemeManager, GearManagerStub, Tips, Shannon, Exynos CP chipsets and more.
May 2023 Android patch
Alongside the One UI patches, Samsung’s May 2023 software will include Android CVE items discovered and patched by Google too. Per the details, it solves 4 critical, 48 high and 3 moderate level of common vulnerability exposures, however, 2 were fixed in the previous release and 1 isn’t applicable on Galaxy devices.
Critical
- CVE-2022-33231, CVE-2022-33288, CVE-2022-33289, CVE-2022-33302
High
CVE-2022-32599, CVE-2022-41757, CVE-2022-38181, CVE-2022-36449, CVE-2022-33917, CVE-2022-42716, CVE-2021-0873, CVE-2021-0884, CVE-2021-0883, CVE-2021-0882, CVE-2021-0881, CVE-2021-0880, CVE-2021-0879, CVE-2021-0878, CVE-2021-0874, CVE-2021-0875
CVE-2021-0876, CVE-2021-0872, CVE-2021-0885, CVE-2022-4696, CVE-2023-20941, CVE-2023-20656, CVE-2023-20654, CVE-2023-20652, CVE-2023-20653, CVE-2023-20657, CVE-2022-33269, CVE-2023-21630, CVE-2022-33270, CVE-2022-40503, CVE-2022-47335
CVE-2022-47336, CVE-2022-47338, CVE-2022-47337, CVE-2021-39617, CVE-2022-20338, CVE-2023-20993, CVE-2023-21109, CVE-2023-21117, CVE-2023-20914, CVE-2023-21104, CVE-2023-20930, CVE-2023-21110, CVE-2022-20444, CVE-2023-21112, CVE-2023-21118, CVE-2023-21103, CVE-2023-21111
Moderate
- CVE-2022-22706, CVE-2023-21116, CVE-2023-0266
Already included in previous updates
- CVE-2023-20655, CVE-2022-40532
Not applicable to Samsung devices
- CVE-2023-21107
| Source |
Apps
Google App bringing back Material 3 design for bottom bar
Google App is updating its bottom navigation bar by bringing back a more modern design called Material 3. This change introduces a new pill-shaped indicator that shows which tab you’re using.
The revamped bottom navigation bar arrives with the latest beta version 15.40 of the Google App, thanks to 9to5Google. With the fresh design, Google aims to make it easier for users to navigate.
Instead of just highlighting the tab icon you’re on, the new design surrounds the icon with a pill shape to make it clearer and more appealing. Google app initially introduced this design in 2023 but later decided to revert to its previous look. Now, after some changes, the app has once again been back with the updated look.
Aside from the testing new design, the company is also looking into a new verification feature for its Search function. This feature would give verified businesses a blue checkmark, similar to what you see in Gmail to help users easily identify trustworthy sources online.
Not everyone has access to Google App’s latest beta update yet, but users can force-stop the app through their device settings if they don’t see the new look right away. With the return of Material 3 design and new features on the way, users can look forward to a more enhanced experience in the Google App.
Google retracts report suggesting MediaTek chip in Galaxy S25
Updates
Samsung brings October 2024 security update to Galaxy A55 5G
Samsung has pushed the October 2024 security update for another Galaxy A series smartphone, the Galaxy A55 5G. The company has recently rolled out this update to the Galaxy A13 smartphone and will expand soon to more Galaxy devices.
The fresh update of the Samsung Galaxy A55 5G improves system security and stability to enhance the overall performance of the app. It also fixes a bundle of issues that users encountered in the previous version.
Latest Software
October 2024 security update for Samsung Galaxy A55 5G smartphone arrives with One UI build version A556EXXS5AXI4. Users will have to download a 208MB package to install the update.
This update is currently live in Asian countries including the Philippines. The company will expand this update to more countries soon. It is an initial rollout so it may take hours or days to reach all models.
October 2024 Security Patch Details
October 2024 security patch fixes over 40 issues, including 2 critical and 28 high-level CVEs for Google. In addition, Samsung patches include 12 Samsung Vulnerabilities and Exposures (SVE) items. It fixes issues related to system service, Knox services, and more.
How to Update?
Users of Samsung Galaxy A55 smartphone can easily check and install the update via a few easy steps:
- Navigate to Settings.
- Select Software Updates from the menu.
- Tap on the Download and Install option to initiate the update process.
- If the update is available, proceed to install it.
Samsung Galaxy A13 secures October 2024 update ahead of many flagships
Samsung
Samsung rolls out October 2024 update to Galaxy Z Fold 6, Flip 6
Samsung has pushed the October 2024 security update for its Galaxy Z Flip 6 and Galaxy Z Fold 6 devices. The update is initially available for these devices’ users in Europe and the US, with plans to expand to other regions soon.
The new update enhances system security and stability by addressing various issues to improve overall device performance. The latest security patch includes critical updates from both Google and Samsung.
Notably, Google’s patch resolves 2 critical vulnerabilities and 28 high-level issues, although one of these issues was previously addressed, and two do not apply to Galaxy devices.
On the other side, 12 Samsung vulnerabilities have been fixed which are related to system services and Knox to ensure a more secure user experience. Additionally, Samsung Semiconductor has also added a fix to boost performance.
October 2024 security update brings new One UI build versions for the Samsung Galaxy Z Flip 6 and Galaxy Z Fold 6. You can check them below:
Europe
- Galaxy Z Flip 6 – F741BXXS1AXI3
- Galaxy Z Fold 6 – F956BXXS1AXI3
The US
- Galaxy Z Flip 6 – F741USQS1AXIB
- Galaxy Z Fold 6 – F956USQS1AXIB
To manually check for updates, users can navigate to their phone’s Settings, scroll to the Software Update section, and select the “Download and Install” option if a new OTA is available.
Both the Galaxy Z Fold 6 and Z Flip 6 come pre-installed with Android 14 based on One UI 6.1.1. These foldable devices are set to receive the next major One UI update, expected to be available to developers by year’s end.
A community moderator revealed that a One UI 7 Beta program will soon be accessible to regular Galaxy users. However, details regarding eligible devices and schedules are yet to be confirmed.