News

Samsung September 2024 Security Update: Key vulnerabilities and fixes unveiled

Posted on

Top 3 Key Points:

  1. Security Enhancements: Samsung’s September 2024 update includes fixes for 44 Android vulnerabilities, including 1 critical and 43 high-severity issues.
  2. Samsung-Specific Fixes: The update addresses 23 security flaws unique to Samsung’s One UI, improving features like My Files, Theme Center, and Knox.
  3. Timely Release Expected: Although not yet rolled out, the update is anticipated to reach Galaxy devices soon.

Samsung has published details of its September 2024 security update for Galaxy devices. This update focuses on enhancing device security by addressing a range of vulnerabilities. Although the update has not yet been released, it is expected to roll out shortly.

The September 2024 security patch addresses 44 vulnerabilities in the Android operating system. Among these, 1 is classified as critical, while 43 are high-severity issues. One vulnerability was already resolved in previous updates, and another does not apply to Galaxy devices.

In addition to the Android fixes, Samsung has resolved 23 security issues specific to its One UI. These include vulnerabilities in key system components like My Files, Theme Center, and Knox. The update also addresses problems in other areas such as One UI Home and Dex mode.

This security update is crucial for maintaining the safety and privacy of Samsung device users. As always, it’s recommended to install the update as soon as it becomes available to ensure your device is protected against the latest threats.

Samsung September 2024 Security Patch Details

Android Patch Details

Critical

  • CVE-2024-23350

High

  • CVE-2024-23355, CVE-2024-21481, CVE-2024-23356, CVE-2024-23357, CVE-2024-33027, CVE-2024-21478, CVE-2024-23383, CVE-2024-23384, CVE-2024-23382, CVE-2024-23381, CVE-2024-23352, CVE-2024-23353, CVE-2024-20082, CVE-2024-33013, CVE-2024-33025, CVE-2024-33015, CVE-2024-33024, CVE-2024-33010, CVE-2024-33020, CVE-2024-33018, CVE-2024-33019, CVE-2024-33026, CVE-2024-2937, CVE-2024-31333, CVE-2024-33011, CVE-2024-33012, CVE-2024-33014, CVE-2024-33023, CVE-2024-4607, CVE-2024-32896, CVE-2024-40658, CVE-2024-40662, CVE-2024-40650, CVE-2024-40652, CVE-2024-40654, CVE-2024-40655, CVE-2024-40657, CVE-2024-40656, CVE-2024-40659, CVE-2024-40665, CVE-2024-40664, CVE-2024-40663, CVE-2024-40666

Moderate

  • None

Already included in previous updates

  • CVE-2024-36971

Not applicable to Samsung devices

  • CVE-2024-33028

One UI Patch Details

Samsung has addressed 23 issues specific to its devices, such as improper authorization in My Files, Theme Center, One UI Home, Knox, Dex, and more.

  • SVE-2023-1030(CVE-2024-34637): Improper access control in WindowManagerService
  • SVE-2023-1487(CVE-2024-34651): Improper authorization in My Files
  • SVE-2024-0453(CVE-2024-34638): Improper handling of exceptional conditions in ThemeCenter
  • SVE-2024-0513(CVE-2024-34652): Incorrect authorization in kperfmon
  • SVE-2024-0785(CVE-2024-34640): Improper access control in BGProtectManager
  • SVE-2024-0852(CVE-2024-34653): Path Traversal in My Files
  • SVE-2024-0918(CVE-2024-34654): Improper Export of android application component in My Files
  • SVE-2024-0970(CVE-2024-34641): Improper Export of Android Application Components in FeliCaTest
  • SVE-2024-1009(CVE-2024-34642): Improper authorization in One UI Home
  • SVE-2024-1154(CVE-2024-34643): Improper access control in Dressroom
  • SVE-2024-1155(CVE-2024-34644): Improper access control in Dressroom
  • SVE-2024-1156(CVE-2024-34645): Improper input validation in ThemeCenter application
  • SVE-2024-1187(CVE-2024-34646): Improper access control in DualDarManagerProxy
  • SVE-2024-1191(CVE-2024-34647): Incorrect use of privileged API in DualDarManagerProxy
  • SVE-2024-1212(CVE-2024-34648): Improper Handling of Insufficient Permissions in KnoxMiscPolicy
  • SVE-2024-1226(CVE-2024-34655): Incorrect use of privileged API in UniversalCredentialManager
  • SVE-2024-1278(CVE-2024-34649): Improper access control in new Dex Mode in multitasking framework
  • SVE-2024-1381(CVE-2024-34650): Incorrect authorization in CocktailbarService

Most Popular

Exit mobile version