Google exposes Samsung Galaxy S6 Edge’s security flaws
The Project Zero security team at Google recently researched the Android-powered Samsung Galaxy S6 Edge and uncovered 11 “high-impact security issues”, including a bug that could have allowed hackers to gain control of a victim’s phone.
Dr Steven Murdoch, a security researcher at University College London, told the BBC that these issues “significantly weakened the security” of the modified version of Android on the phone.
“There’s definitely a tension between Google and the handset manufacturers because Google wants to protect its Android brand, and when it comes to security, Android has been quite tarnished,” he said. “Some of that is down to the extra software that handset manufacturers add.”
Among the 11 bugs were a number of memory-corruption issues that occurred when opening photos, and a weakness in Samsung’s email software that could have let hackers forward a victim’s messages to another account.
The team at Google notified Samsung of the flaws and the phone manufacturer has since responded by fixing eight of the 11 bugs.
“The majority of these issues were fixed on the device we tested via an OTA [over-the-air] update within 90 days, although three lower-severity issues remain unfixed,” said Project Zero.
A spokesperson from Samsung told the BBC that the remaining issues would be fixed in an update later in the month.