close

Samsung Mobile Security and Cookies

Our site uses essential cookies only. You can read our Privacy Policy and Cookie Policy for more information.

close

Samsung Mobile Security
Cookie Policy

Updated on Jan 17, 2022

This Cookie Policy describes the different types of cookies that may be used in connection with Samsung Mobile Security website which is owned and controlled by Samsung Electronics Co., Ltd (“Samsung Electronics”). This Cookie Policy also describes how you can manage cookies.

It’s important that you check back often for updates to the Policy as we may change it from time to time to reflect changes to our use of cookies. Please check the date at the top of this page to see when this Policy was last revised. Any changes to this Policy will become effective when we make the revised Policy available on our website.

Samsung Electronics has offices across Europe, so we can ensure that your request or query will be handled by the data protection team based in your region. If you have any questions, the easiest way to contact us is through our Privacy Support Page at https://www.samsung.com/request-desk.

You can also contact us at:

European Data Protection Officer
Samsung Electronics (UK) Limited
Samsung House, 2000 Hillswood Drive, Chertsey, Surrey KT16 0RS

Cookies

Cookies are small files that store information on your computer, TV, mobile phone, or other device. They enable the entity that put the cookie on your device to recognize you across different websites, services, devices, and/or browsing sessions.

We use the following types of cookies on this website:

Essential Cookies: enable you to receive the services you request via our website. Without these cookies, services that you have asked for cannot be provided. For example, these enable to identify users and provide proper service for each user. These cookies are automatically enabled and cannot be turned off because they are essential to enable you to browse our website. Without these cookies this Samsung Mobile Security website could not be provided.

Cookie Domain Purpose
JSESSIONID security.samsungmobile.com to keep login session
lastActivityTime security.samsungmobile.com to save the user's last activity time to automatically logout after 30 minutes of inactivity

Managing Cookies and Other Technologies

You can also update your browser settings at any time, if you want to remove or block cookies from your device (consult your browser's "help" menu to learn how to remove or block cookies). Samsung Electronics is not responsible for your browser settings. You can find good and simple instructions on how to manage cookies on the different types of web browsers at http://www.allaboutcookies.org.

Go straight to the menu Go straight to the text
Home>Security Post

Security Post

Announcing up to five (5) years support for Samsung Security Updates on select Galaxy devices

On 10 Feb 2022 by Samsung Mobile Security

As part of our continued commitment to delivering the most up-to-date and secure mobile experience possible, select Galaxy devices within the Galaxy S Series, Z Series, A Series, tablets and Galaxy Watches will now receive up to five years of security updates.

Eligible Galaxy devices with five years of security updates1 include:

  • - Galaxy S Series: Galaxy S22, S22+, S22 Ultra as well as Galaxy S21, S21+, S21 Ultra, S21 FE and upcoming S series devices
  • - Galaxy Z Series: Galaxy Z Fold3, Galaxy Z Flip3 and upcoming Z series devices
  • - Galaxy A Series: upcoming select A series devices
  • - Galaxy Tablets: Galaxy Tab S8, S8+, S8 Ultra and upcoming Tab S series devices
  • - Galaxy Watch: Galaxy Watch4, Galaxy Watch4 Classic and upcoming Galaxy Watch series devices

For more information, please visit here.

1 Availability of security update support may vary by device and market. Security update availability will depend on factors including but not limited to complexity of the update, hardware specifications, as well as chipset vendor and 3rd party’s support.

Notification on vulnerabilities in Samsung Preloaded Apps

On 16 Jun 2021 by Samsung Mobile Security

Overview

Researchers at Oversecured discovered and reported 17 vulnerabilities ranging from Moderate to High in Samsung developed apps that are preloaded on Samsung devices. Assuming an attacker-controlled malicious app is installed on the device, these vulnerabilities could allow the attacker to install apps and exfiltrate data such as photos, videos, call logs, contacts, and SMS/MMS through installing a piece of malware on the device and then exploiting vulnerabilities to use their pre-granted privileges. These attacks are, however, not currently remotely executable and there have been no knownreported issues globally so that users should be assured that their sensitiveinformation was not at risk.

These vulnerabilities affect all Samsung Android devices running Android 8.1 and higher.

Samsung immediately patched the vulnerabilities since April of 2021 and devices with an Android Security Patch Level of June 1, 2021 or later will be considered protected from the disclosed 16 vulnerabilities. And one remaining vulnerability related to Messages (SVE-2021-20903) is expected to be addressed via July Security Update with an Android Security Patch Level of July 1, 2021.

As these vulnerabilities require an attacker-controlled malicious app to be installed on the device in order to initiate an attack, Samsung strongly encourages users to alwaysdownload apps from authorized market stores including Galaxy Apps and GooglePlay store. Users should also make sure to verify the source when downloading apps outside ofauthorized market store, and refrain from installing unknown apps.

CVE/SVE

  • SVE-2021-20733 (CVE-2021-25356)
  • SVE-2021-20636 (CVE-2021-25388)
  • SVE-2021-20500 (CVE-2021-25391)
  • SVE-2021-20731 (CVE-2021-25393)
  • SVE-2021-20690 (CVE-2021-25392)
  • SVE-2021-20716 (CVE-2021-25397)
  • SVE-2021-20724 (CVE-2021-25390)
  • SVE-2021-20877 (CVE-2021-25413)
  • SVE-2021-20879 (CVE-2021-25414)
  • SVE-2021-20702 (CVE-2021-25410)
  • SVE-2021-20601 (CVE-2021-25379)
  • SVE-2021-20637 (CVE-2021-25377)
  • SVE-2021-20542 (CVE-2021-25404)
  • SVE-2021-20612 (CVE-2021-25401)
  • SVE-2021-20631 (CVE-2021-25400)
  • SVE-2021-20722 (CVE-2021-25440)
  • SVE-2021-20903 (CVE-2021-25426)

Notification on Wi-Fi Fragment & Forge (FragAttack) vulnerabilities

On 12 May 2021 by Samsung Mobile Security

Overview

A security researcher at New York University AbuDhabi, found several vulnerabilities (a.k.a. Fragment & Forge or FragAttack) in Wi-Fi components affecting a large number of devices with Wi-Fi connectivity. These vulnerabilities could possibly allow an attacker within physical proximity to inspect data traffic protected by the Wi-Fi network, inject their own data packets into a data stream, and cause some denial of service (DoS) attacks to other connected devices.

This vulnerability affects various Wi-Fi enabled devices (e.g. PC, wearables, appliances, routers) including all Samsung devices running Android 8.0 and higher.

Samsung has worked with affected chipset vendor partners to provide patches for affected Samsung devices, starting in March of this year. Devices with an Android Security Patch Level of April 1, 2021 or later will be considered protected from these vulnerabilities. Samsung encourages all users to ensure their devices are updated once the patch becomes available for the devices.

CVE/SVE

  • SVE-2021-20775
  • CVE-2020-24586
  • CVE-2020-24587
  • CVE-2020-24588
  • CVE-2020-26139
  • CVE-2020-26140
  • CVE-2020-26141
  • CVE-2020-26142
  • CVE-2020-26143
  • CVE-2020-26144
  • CVE-2020-26145
  • CVE-2020-26146
  • CVE-2020-26147
  • CVE-2020-11264
  • CVE-2020-11301