Galaxy S7 and Galaxy S7 Edge: March patch comes to ship

0
53

The update is available for the free devices. Less than two months ago, Samsung supplied the provider models with the January security patch.

Samsung has begun to Android-March security patches for galaxy S7 smartphones. The update is available for the free models in Germany, Austria and Switzerland as well as for the variants of 1&1.

The S7 smartphones introduced four years ago currently receive security updates every three months. However, the updates take place at different times. The variants sold by the providers last received the January-Sichhersichpatch in February. Presumably, the next update for this group will ship in May.

Galaxy S7: System Update (Picture: ZDNet.de)

Android Security Bulletin March 2020

Google had released the March updates for Android earlier this month. The patch level labeled 1.3.2020 includes bug fixes for the Android framework, while patch level 5.3.2020 also addresses kernel and vendor driver vulnerabilities. Most smartphone manufacturers initially implement only the first patch level, presumably for time constraints. However, the first patch level of the following month also includes the bug fixes of the second patch level from the previous month.

The first patch level closes a total of 12 security vulnerabilities, of which a (CVE-2020-0032) is classified as “critical”. Vulnerabilities that can be exploited without warnings or prompts are classified as “critical”. Examples include the remote extension of user rights, which allows attackers to write to the file system or execute arbitrary code without user interaction.

The second patch level closes a total of 60 vulnerabilities. This includes the already mentioned error in Mediatek processors. Of these vulnerabilities, 16 are classified as “critical.” They are invariably plugged into Qualcomm components.

In addition to Google’s monthly security updates, smartphone manufacturers also release details of gaps that can only be found in devices of the respective manufacturer. Samsung reports this month of 25 vulnerabilities. However, the company only gives details of five gaps, all of which are not classified as “critical”. So it can be assumed that the remaining vulnerabilities are so severe that Samsung does not give details of it in order not to encourage cybercriminals to exploit them fraudulently.

For some smartphones, such as the Galaxy S10, Samsung is already distributing the April 2020 security patches. Samsung has been delivering security patches just as quickly or even faster as Google for several months.

Samsung delivers monthly security updates for its current smartphones that are no older than three years. These include the Galaxy S10, S9, S8, Note 10, Note 9, and Note 8 series. The more than three-year-old Galaxy S7 receives updates only quarterly. This was most recently the case at the beginning of February.

Smartphone security

Google Play Protect (Image: Google)Security patches are an important component to protect smartphones from cybercriminals. Other layers of security, such as sandboxing of applications and security services such as Google Play Protect, are just as important as Google in a Blog Explains.

Overall, the security level of Android smartphones has improved significantly in recent years. This is also confirmed by the German security researcher Karsten Nohl in an interview with Spiegel-Online: “Android as technology has become much more secure in recent years, probably even more secure than Windows.”

If, as in the case of S7 smartphones, devices receive security updates only at irregular intervals or no longer at all, it is now very difficult for attackers to attack an Android device, which is related to the high complexity and security mechanisms of the operating system. Also, a missing patch does not mean that bugs can be exploited. Nohl explains, “Modern operating systems contain various security barriers, such as ASLR and sandboxing, all of which typically need to be overcome to hack a phone remotely.” As a result, some forgotten patches are usually not enough for hackers to take over a device. “For a successful attack, multiple bugs must be chained instead.” Because of this high complexity, criminals rely on other methods, such as social engineering, to cheer users on malicious apps. “In fact, there has been little hacking activity around Android in the past year.”

Smartphone security: Android before iOS

According to a Investigation of Gartner Android is now even ahead of iOS in terms of security, with Samsung devices best protected by the Knox security solution. Of the twelve corporate managed security features reviewed by Gartner, Samsung Knox achieves 100 percent of the “strong” rating, while only 5 out of 12 parameters are rated “strong” under iOS 11. For the 16 device security features reviewed by Gartner, Samsung Knox scores “strong” in thirteen cases, while iOS 11 scores only seven times. In general, according to Gartner, Android is catching up with iOS. While smartphones with Android 7 and five “strong” ratings were still inferior to the iOS platform, smartphones with Android 8 reach the top score 11 times and thus pass the iPhone. Gartner has not yet released android 9 and iOS 12 data.

Perform an update

The update should be offered for installation under Settings – Software Update on the mentioned devices. If the update is not available there or the download limit of the server is reached, you can try to install the update manually with the Samsung Tool Smart Switch. Often this is available for Smart Switch earlier than via OTA. Smart Switch is available for Windows And Macos before. If you are not sure which firmware version is installed on your Samsung smartphone, you can do so with the Phone INFO Samsung get out of it. Among other things, the app lists the product code so that you can find out if an update is available using the table below. Alternatively, you can also access this information by entering *#1234″ in the phone app. CSC specifies the corresponding provider code.

Samsung Galaxy S7: Current firmware versions (source: Sammobile, as of March 30, 2020)

Android version Security patch CSC (provider code in red) Product code Provider
8.0 1 March 2020 G930FDbt8ETC1 Dbt Free Device (Germany)
8.0 1 March 2020 G930FAto8ETC1 Ato Free devices (Austria)
8.0 1 March 2020 G930FAut8ETC1 Aut Free device (Switzerland)
8.0 1 March 2020 G930FXEG8ETC1 XEG 1&1
8.0 1 January 2020 G930FVFG7ESK7 VD2 Vodafone
8.0 1 January 2020 G930FTef7ESK1 Via O2
8.0 1 January 2020 G930FDdx7ESK1 Dtm T-Mobile
8.0 1 January 2020 G930FDdx7ESK1 Dde Congstar
8.0 1 January 2020 G930FDre7ESK2 Dre Hutchison Three (Austria)
8.0 1 January 2020 G930FVFG7ESK7 Mob A1 (Austria)
8.0 1 January 2020 G930FDax7ESK1 Max T-Mobile (Austria)
8.0 1 January 2020 G930FDax7ESK1 Trg Telering (Austria)
8.0 1 January 2020 G930FVFG7ESK7 Swc Swisscom (Switzerland)

LEAVE A REPLY

Please enter your comment!
Please enter your name here