Tech

PSA: Your Samsung Galaxy phone has a security update you should install right now

Sep 16, 2025 - 09:00
 0
PSA: Your Samsung Galaxy phone has a security update you should install right now
samsung's new galaxy z flip 7 and z fold 7 phones on display

In our modern digital landscape, software issues sometimes pop up that require urgent fixes. One such fix is currently rolling out for Samsung Galaxy phones as we speak, and if you haven’t checked your phone for updates today, you may want to. The bug it fixes is a doozy. 

The issue has a very technical name called CVE-2025-21043. Per Samsung’s update page, the bug allowed attackers to conduct an “out-of-bounds write in libimagecodec.quram.so” that “allows remote attackers to execute arbitrary code.” 

According to Google Project Zero, libimagecodec.quram.so is a closed-source tool that third-party messaging apps use to parse images that attackers could use to hijack a person’s smartphone. The patch going out to Samsung devices now fixes an “incorrect implementation” of the tool, preventing that from happening. 

The exploit, which was discovered in August by WhatsApp’s security team, was reported to Samsung and Apple behind closed doors so as not to spread the news. There aren’t any public examples of hackers using this vulnerability, but Samsung’s report notes that the Korean tech giant was “made aware of an exploit in the wild.” Thus, while any individual WhatsApp user was unlikely to be targeted, the tools to do so existed. 

WhatsApp has over three billion users worldwide, so such an exploit could have done some damage, especially if it were made to target multiple users at once. As PCMag notes, Samsung didn’t mention any other third-party messaging services in its report, so it's unclear if only WhatsApp was affected or if other services could’ve been exploited with the vulnerability. 

Apple was first to the punch to fix the exploit, which it did back in late August. It wasn’t the exact same issue as Samsung was facing, but it had a similar end effect in that it could cause phones to be hijacked. 

Samsung’s update comes approximately two weeks after Google released a duo of similar security flaws that also had exploits observed in the wild as part of Android’s monthly security update for September 2025. 

Read More

Related Posts

LimeWire AI Studio Review 2023: Details, Pricing & Features

LimeWire AI Studio Review 2023: Details, Pricing & Feat...

Mar 21, 2025  0

Chinese food delivery giant Meituan reports Q4 revenue up 20% to ~$12.21B, vs. $12.1B est., net profit up 180% YoY to ~$858M, even as it faces stiff competition (Kimberley Kao/Wall Street Journal)

Chinese food delivery giant Meituan reports Q4 revenue ...

Mar 21, 2025  0

A profile of Wiz CEO Assaf Rappaport, who served in Israel's cyber intelligence unit 8200; sources: Wiz was set to hit $1B annualized recurring revenue in 2025 (Financial Times)

A profile of Wiz CEO Assaf Rappaport, who served in Isr...

Mar 21, 2025  2

Interviews with 50+ current and ex-staffers reveal Google's two-year race to catch up with OpenAI, including through layoffs and lowering some guardrails (Wired)

Interviews with 50+ current and ex-staffers reveal Goog...

Mar 21, 2025  7

Yahoo strikes a deal to sell TechCrunch to media investment firm Regent, which acquired PCWorld publisher Foundry earlier this week (Sara Fischer/Axios)

Yahoo strikes a deal to sell TechCrunch to media invest...

Mar 21, 2025  3

Sources: KKR, Coatue, and other ByteDance investors are exploring buying out Chinese investors from TikTok US to assure Trump that it is free of Chinese control (Financial Times)

Sources: KKR, Coatue, and other ByteDance investors are...

Mar 21, 2025  1