Samsung experienced a serious security breach that put your phone at risk

if you have Samsung phones may have serious security issues. This has been reported by the nccgroup technical service. There seems to be a security hole in Galaxy Store app, alternative app store for Google Play built into Samsung phones.

They thousands of applications that we can install from the Galaxy Store, we no longer just use it to update Samsung's own apps, but some of the most popular apps share an app store and we can install them from any store we want. If you use Galaxy Store to install appsbe careful and protect your phone with the following recommendations.

Two vulnerabilities have been discovered since then nccgroup on Galaxy Store Appone of them allows inappropriate access and application to be installed without user's permission and the other one is faulty input validation which allows attacker to execute JavaScript code to start website without permission.

Insufficient access control to install apps without permission

This first error links to apps installed through the Galaxy Store and the Galaxy Store app itselfspecifically in version 4.5.44.1, among others who may also be affected by this vulnerability.

With this vulnerability, any app that has been installed from the Galaxy Store on a Samsung device running Android 12 is reachable install other apps automatically and without user permission.

to solve the problem Samsung has finally released a new version of the Galaxy Store, version 4.5.50.6 (latest version available today) That's when it was revealed there was a problem. So you have to update the Galaxy Store app, for this you have to open it and it will automatically ask you to update it.

Yes You have a Samsung with Android 13, this vulnerability doesn't affect you, but in the same way we advise you to update the Galaxy Store app to submit possible failures. The update method is the same as on Android 12 devices.

Permission to execute JavaScript code when opening websites

Another vulnerability present in Samsung phones is related to pre-installed apps on Samsung phones and it has been found that in the Galaxy Store it ignores some URL filters that limit navigable domains.

The operation is as follows: if a website is visited from Google Chrome or from an app pre-installed on a Samsung device and by tapping on the hyperlink or the link can be bypassed by Samsung's URL filter and at that another website could be started with a domain controlled by the attacker.

The solution to this security issue is the same as the previous one, as on December 3 a failure was reported to Samsung, but Until January 1, the company did not release version 4.5.49.8 from the Galaxy Store to resolve the issue. Just open the Galaxy Store app and make sure you have the latest version.

If you doubt this serious security flaw present on your phone, because there are many users who do not use the Galaxy Store application and, therefore, do not update it, so to avoid big problems and fears, update the Galaxy Store app as soon as possible to be protected from possible threats.