Samsung has developed a new security system called Samsung Message Guard to help Galaxy smartphone users keep safe from the so-called “zero-click” exploits that use malicious image files.
The Korean tech giant says its new security system will be able to detect these threats when they reach the device as a message and to stop them before they do any damage.
Zero-click exploits
Zero-click exploits are sophisticated threats that leverage a vulnerability without requiring any interaction with the user.
Typically, attacks relying on zero-click exploits involve sending the target a message or file with malicious code to trigger a vulnerability on the device that gives the attacker access without the victim even opening the message or file.
Notable zero-click attacks targeted journalists and activists with NSO’s Pegasus spyware by leveraging the KISMET and FORCEDENTRY exploits in Apple's iMessage.
Apple tried to mitigate these security threats by introducing the Lockdown Mode, an operation mode designed for high-risk individuals that limits functionality and increases security of the device.
Samsung Message Guard
Samsung Message Guard is an isolated virtual space on the smartphone that acts as a temporary hosting location for newly arrived image files in PNG, JPG/JPEG, GIF, ICO, WEBP, BMP, and WBMP formats.
The system checks the files to determine if they hide malicious code. If so, they are locked in quarantine mode and blocked from accessing or interacting with the underlying operating system.
“Samsung Message Guard automatically neutralizes any potential threat hiding in image files before they have a chance to do you any harm,” explains Samsung in the feature announcement.
“It also runs silently and largely invisibly in the background and does not need to be activated by the user” - Samsung
The new security system is added to Samsung’s multiple existing protection layers, most notably Samsung Knox, which can offer real-time threat detection and protection against malware.
Samsung Message Guard is available immediately for Galaxy S23, released on Friday, and it will gradually roll out to other Galaxy devices running One UI 5.1 or higher later in 2023.
Comments
xafase - 1 year ago
Cool, how about they get rid of all the spam that they put on all their devices. That would go a lot more to further security than yet another service that collects user data under the guise of security.
jfkl23948 - 1 year ago
Perhaps that is part of their revenue stream. ?
xafase - 1 year ago
They can go screw themselves. No hardware or software company should be legally allowed to double dip like they do.
TsVk! - 1 year ago
If you don't like it, don't buy it. There's plenty of options.
TsofT - 1 year ago
It's too hard to fix the old software so add this new software that will fix things. This time will be different and the software won't be buggy. lurf