Android patch: Samsung fixes Galaxy flaw that lets crooks into stolen phones

Samsung has issued a patch to shut down a bypass for 'factory reset protection', which is meant to stop thieves from setting up a stolen device.
Written by Liam Tung, Contributing Writer

Samsung lists five issues specific to its hardware, including a high-severity bypass for factory reset protection.

Image: Samsung

On the heels of Google's June security bulletin published yesterday, Samsung has announced its own June patches for select Galaxy devices. The update includes fixes for bugs in Android as well as ones for issues specific to Samsung software.

Samsung's update includes 31 of the 40 vulnerabilities Google detailed in its June Android security bulletin, which moved Nexus devices up to the Android Security Patch Level of June 1, 2016. Samsung's Galaxy devices will move to the same level once their updates arrive.

Google's update included Android system bugs, plus a handful of Nexus-specific issues from Qualcomm's hardware drivers, which aren't carried over to Samsung's update.

Besides the Android bugs that are relevant to Galaxy, Samsung lists five issues specific to its hardware, including a high-severity bypass for factory reset protection, or FRP.

This feature is meant to deter thieves by preventing a device from being set up after a factory reset unless a person knows the Google credentials associated with the device before the reset.

FRP on Galaxy devices running Android 5.0 and 5.1 can be bypassed by connecting the device to external storage via Samsung's OTG USB connector.

"The vulnerability enables [criminals] to launch MyFiles and to install malicious applications during setup wizard status via USB OTG. Ultimately it is possible to bypass the FRP," Samsung said.

The other serious bug was an 'application signature check bypass' affecting Galaxy devices running Android 5.0, 5.1, or 6.0 that have fingerprint readers. It appears the flaw could be used to install a malicious application.

Samsung said the flaw would allow attackers to "bypass the signature check [during the] installation of certain applications. The fix resolves proper exception handling of the signature check," the company said.

Samsung also fixed errors in its description of security features in the SIM lock feature and the encryption it used to send email.

Here are the Samsung devices that are receiving the update:

• Galaxy S series: S7, S7 edge, S6 edge+, S6, S6 edge, S6 Active, S5, S5 Active.

• Galaxy Note series: Note 5, Note 4, Note edge.

• Galaxy A series: A5x.

Read more about Android security

Editorial standards