A new report by researchers at Tel Aviv University in Israel found that some Samsung Galaxy phones were shipped out with a major security flaw. Among those that were listed by the team includes the Galaxy S8, Galaxy S9, Galaxy S10, Galaxy S20, and Galaxy S21.
The research report, titled “Trust Dies in Darkness: Shedding Light on Samsung’s TrustZone Keymaster Design”, revealed that the affected phones did not properly store their cryptographic keys. This could allow hackers to access information that contains sensitive data such as passwords.
Furthermore, the vulnerability also gave malicious actors the potential to further exploit the misstep by downgrading the phone’s security protocols. However, the researchers said that after informing Samsung of the security flaws, the company fixed the issues after a few months by rolling out security patches in July and October 2021.
Regularly updating your phone is generally a good practice, and you should definitely consider updating now if your Samsung device is currently running on an older security patch. More recently, some users have reported glitches on the display of their brand new Galaxy S22 Ultra, which is possibly another software-related issue.
(Source: Tel Aviv University/Cryptology ePrint Archive.)
