A serious security flaw has been discovered in Samsung鈥檚 mobile processors, with warnings coming from Google鈥檚 Threat Analysis Group. The vulnerability, known as CVE-2024-44068, is linked to a memory management error called 鈥渦se-after-free.鈥
This flaw can be exploited to run harmful code remotely and gain higher control over affected devices. While Samsung has addressed the issue in its October 2024 security update, the problem may have already caused damage.
The affected processors are used in several Samsung Galaxy devices, including the Exynos 9820, 9825, 980, 990, 850, and W920. This means many Samsung鈥檚 older models are at risk. Due to the fact that these processors are not in newer devices, users with older models may need to act quickly to stay protected.
How Is the Exploit Being Used?
The vulnerability does not work alone but is part of a series of security flaws known as an “exploit chain.” Google researchers revealed that attackers have already found ways to use this bug.
In targeting specific media functions, attackers can access sensitive parts of the phone’s system, such as the cameraserver process. In practice, the attack takes advantage of media acceleration functions on Samsung鈥檚 processors. The exploit allows hackers to access memory after it has been freed, giving them the ability to execute malicious commands.
Researchers noted that the exploit even renames processes to make detection harder.
While no specific attackers have been publicly identified, experts believe spyware vendors could be involved. The growing number of these attacks in recent months has heightened the focus on security flaws in smartphones.
More from News
- What Do The April 2026 ONS Market Figures Mean For UK Businesses?
- FinanceWire And Symex Global Partner To Boost PR And IR Reach For Euronext Paris Companies
- Could You Be Answering A Normal Call When It鈥檚 Actually A Deepfake?
- Do People Trust AI More Than They Trust Humans?
- Power Costs Are Causing 1 In 5 UK Firms To Move Overseas
- What Will Happen If EU Regulators Win At Getting Google To Share Its Data?
- Uber Eats Makes Influencers Central To Its UK Growth Strategy
- It Sounds Ridiculous, So Why Is Allbirds鈥 AI Pivot Actually Working?
How Are Google and Samsung Responding?
Google鈥檚 TAG played a big part in identifying and warning about this vulnerability. While Android 15 introduced security improvements, Samsung鈥檚 update rollout has been slower.
The delay means many users will have to wait until 2025 for the Android 15 upgrade, potentially leaving some devices exposed in the meantime.
Samsung has released a patch addressing the vulnerability in its latest security update, but only some devices are covered. A few older models with the affected Exynos processors may no longer receive regular monthly updates. This could leave those users with limited options other than upgrading their phones.
For Google, the situation comes at a delicate time. With the company promoting its Android 15 release, some Pixel users have reported technical issues, including devices that stopped working after the update. Although these teething problems have been frustrating for Pixel users, Google鈥檚 security is an important part in fighting threats like those found in Samsung鈥檚 devices.
What Should Samsung Users Do?
Experts recommend that Samsung Galaxy users update their devices immediately if the patch is available. For older phones that may no longer get monthly updates, switching to a newer device could be the safest solution. Users should also be cautious when downloading apps or granting permissions, as some spyware programs exploit such vulnerabilities to gain access.
While Samsung and Google are trying to sort out the issue, staying ahead of these threats requires quick action. Those with affected models should not delay in securing their devices to avoid falling victim to malicious attacks.
