Samsung is rushing a critical patch to all Galaxy devices amid active exploitation

Samsung will roll out a critical security patch in August for Galaxy devices to fix zero-day vulnerabilities.

: Samsung is set to release an urgent security patch in August to address a critical zero-day vulnerability affecting Galaxy devices. The vulnerability, CVE-2024-32896, initially believed to be Pixel-exclusive, extends to all Android devices. Another serious vulnerability, CVE-2024-29745, is also being monitored.

Samsung has announced that a vital security patch for Galaxy devices will begin deployment in August to address a critical zero-day vulnerability, CVE-2024-32896, which has been exploited actively. This urgent release deviates from earlier estimates, which suggested a fix could take three months or longer.

Initially discovered in Google's Pixel devices, the vulnerability was later confirmed by Google to affect all Android devices. Furthermore, the security-focused Android project GrapheneOS highlighted a second, more severe vulnerability, CVE-2024-29745, which remains unaddressed for non-Pixel devices, although it would require additional exploits to become highly dangerous.

Due to the fragmented nature of the Android ecosystem, which necessitates patch validation and customization by carriers and manufacturers, timely rollouts of critical updates can be challenging. Despite this, Samsung's rapid response is commendable, and users are advised to install the August update promptly. Samsung's update will also likely bring other enhancements, including potential camera improvements and new Galaxy AI features.