New update warning for millions of Samsung Galaxy users
Samsung Galaxy users are facing yet another security concern. Following delays in Android 15 and One UI 7 updates, Google has issued a warning about critical vulnerabilities in Samsung’s Qualcomm chipsets. These vulnerabilities, exploited in targeted attacks, require immediate attention.
### Google Warns of Exploited Qualcomm Vulnerabilities
Google’s Threat Analysis Group (TAG) revealed that CVE-2024-43047, a vulnerability affecting multiple Qualcomm chipsets, is actively being exploited. These attacks target journalists, dissidents, and activists, according to Amnesty International.
The US Cybersecurity and Infrastructure Security Agency (CISA) added CVE-2024-43047 to its Known Exploited Vulnerabilities catalog, mandating updates for federal employees. CISA warns that the vulnerability allows malicious actors to access sensitive device memory.
### Samsung Galaxy Users at Risk
Although Qualcomm provided patches to device manufacturers in September, the October Android security updates, released by both Google and Samsung, did not include a fix for CVE-2024-43047. Users, therefore, remain vulnerable.
Samsung states that some patches from chipset vendors might not be included in monthly security updates. While the November update is expected to address the vulnerability, Samsung users running older Qualcomm chipsets may remain unprotected until December.
### Action Required: Check Your Device and Update Immediately
Samsung Galaxy users are advised to:
- Check their device’s security update schedule.
- Look for CVE-2024-43047 in the November update’s fix list.
- Update their devices as soon as possible.
- Consider additional security measures if concerned about spyware or phone compromises.
Affected chipsets
A comprehensive list of affected Qualcomm chipsets is available online. You can check if your device is affected here.
Do not delay. Update your Samsung Galaxy device now to protect yourself from these critical vulnerabilities.