Samsung details April 2019 security patch, fixes 15 new Vulnerabilities and exposures items


Samsung details April 2019 security patch, fixes 15 new Vulnerabilities and exposures items

Samsung has released the security patch details for April 2019, which fixes the different level of exploits and issues within Samsung phones.

There are issues with the operating system, kernel patches, and driver updates may not affect any particular device, but need to be fixed in the Android operating system covered by monthly updates. Samsung is releasing a maintenance release for its phones as part of the monthly Security Maintenance Release (SMR) process.

This month's SMR package includes patches from Google and Samsung, providing fixes to 15new Samsung Vulnerabilities and Exposures (SVE) items found in a recent build, as some of them are the followings:

1. Change of protected features without authentication via Emergency mode   

Severity - Moderate

Vulnerability - Improper startup procedure in Emergency mode allows unauthorized users to accept Emergency mode EULA instead of the device owner and disable some protected features without any prior authentication.

Fix - The patch adds authentication procedure before it starts the Emergency mode.

2. Smartwatch bug

Severity - High

Vulnerability - A vulnerability in Secure Folder allows to show the Secure Folder notification content in smartwatch.

Fix - The patch adds the notification ID check and rejects if it comes from Secure Folder.