Update: Samsung has a patch for the SwiftKey vulnerability we mentioned earlier. Will be rolling out the security update in the next few days. By utilizing its Knox security suite to deliver the patch, Samsung is also working closely with SwiftKey to ensure that such flaws won’t take place going forward. Notably, the pre-installed SwiftKey app on Samsung Galaxy S smartphones is vulnerable, not the one from Google Play.
Thus being said, issuing the update through KNOX will also help bypass carrier testing that might involve weeks given that it would need to be tested for every model.
Here’s an official statement from Samsung on the matter:
“Samsung takes emerging security threats very seriously. We are aware of the recent issue reported by several media outlets and are committed to providing the latest in mobile security. Samsung Knox has the capability to update the security policy of the phones, over-the-air, to invalidate any potential vulnerabilities caused by this issue. The security policy updates will begin rolling out in a few days. In addition to the security policy update, we are also working with SwiftKey to address potential risks going forward.”
According to SwiftKey, “This vulnerability is unrelated to and does not affect our SwiftKey consumer apps on Google Play and the Apple App Store. We supply Samsung with the core technology that powers the word predictions in their keyboard. It appears that the way this technology was integrated on Samsung devices introduced the security vulnerability.”