Samsung has issued a crucial update for Galaxy phone users to address multiple vulnerabilities, including a ‘critical’ flaw that cybercriminals have been exploiting. The security patch resolves over 11 issues on these popular devices. Samsung’s update notes highlighted the severity of the situation, warning users about the potential risks.
One of the critical vulnerabilities identified, an ‘Out-of-bounds Write’ in libimagecodec.quram.so before the SMR Sep-2025 Release 1, allows remote attackers to execute arbitrary code. Samsung confirmed that this exploit is being actively used in the wild, posing a serious threat to device security.
Exploiting arbitrary code could enable malicious actors to install malware or gain unauthorized access to the device, leading to potential data theft and privacy breaches. Recognizing the urgency of the situation, Samsung promptly released the patch to safeguard its users. Owners of Galaxy phones are strongly advised to install the latest update immediately.
Reacting to the news, Jamie Akhtar, CEO and Co-founder at CyberSmart, emphasized the importance of addressing these vulnerabilities promptly to prevent remote code execution and potential device compromise. Akhtar highlighted the significant user base of Samsung devices globally, underscoring the risks associated with leaving such security flaws unaddressed.
To minimize exposure to these security risks, users are urged to check for and install the latest update on their Samsung devices promptly. The affected devices that currently receive monthly updates include a range of Galaxy models. Users can access the update by navigating to Settings, selecting Software Update, and opting to Download and Install the patch.
Before initiating the update process, it is advisable to ensure that the device’s battery is sufficiently charged. Samsung reiterated its commitment to addressing security and privacy concerns promptly, emphasizing its dedication to securing devices and maintaining user trust as a top priority.
