Samsung S7 Smartphones Vulnerable To Meltdown Exploit

An Intel chip within the Samsung Galaxy S7 smartphone can be exploited by the Meltdown flaw, to allow hackers to spy on people.

This is the warning from researchers from Austria’s Graz Technical University, who found that they could exploit the Meltdown vulnerability to attack Galaxy S7 handsets.

The Galaxy S7 smartphone was released in 2016, and there are thought to be approximately 30 million people still using the Samsung phone.

Samsung patch

The Graz Technical University told Reuters, that they will release their findings on Wednesday at the Black Hat security conference in Las Vegas.

The researchers are also examining Meltdown’s impact on other makes and models of smartphones and expect to uncover more vulnerable devices in the near future, researcher Michael Schwarz told Reuters.

“There are potentially even more phones affected that we don’t know about yet,” he said. “There are potentially hundreds of million of phones out there that are affected by Meltdown and may not be patched because the vendors themselves do not know.”

Samsung meanwhile reportedly said it had created a patch to protect Galaxy S7 handsets against Meltdown, that it began pushing out to affected users last month.

“Samsung takes security very seriously and our products and services are designed with security as a priority,” the company is quoted as saying in a statement.

A Samsung spokeswoman apparently declined to say how many Galaxy S7s were vulnerable to Meltdown attacks.

She said there were no reported cases where Meltdown had been exploited to attack an S7 handset and that no other Samsung phones were known to be vulnerable.

Intel flaw

It should be remembered that the Meltdown flaw had little to do with Samsung, as the vulnerability was one of two flaws (the other was called Spectre) that found earlier this year on most Intel central processing units (CPUs).

Meltdown and Spectre affect just about every single processor made over the past 20 years, causing emergency fixes and mitigations to be released for Windows, Mac, iOS and Android.

Chips made by ARM manufacturers and AMD were also impacted.

Essentially, the vulnerabilities affect the kernel of the chips and could allow an attacker to read information that should otherwise be inaccessible. This means an attacker could obtain passwords, encryption keys or steal information from other applications.

Matters were not helped by the fact that Intel’s software patches for the flaws were less than perfect and had a significant performance impact on the affected machines.

Intel In March said it planned to ship new processors that contained hardware fixes for the Meltdown and some variants of the Spectre attacks.

But Samsung is not the only smartphone maker to be impacted by the Intel flaws.

Apple for example admitted that its devices were affected, and somewhat predictably it was hit by a class action lawsuit in the US over the matter.

Apple has said it plans to drop Intel chips from its devices from 2020.

What do you know about Samsung? Try our quiz!