news

한어Русский языкEnglishFrançaisIndonesianSanskrit日本語DeutschPortuguêsΕλληνικάespañolItalianoSuomalainenLatina

IT Home reported on August 19 that the US government recently issued an emergency notice requiring federal government employees to update the Samsung Galaxy mobile phone system before August 28, otherwise they will be prohibited from using these devices. IT Home noted that this is another emergency action after requiring Pixel mobile phone users to update the system in July.

The incident was caused by Google discovering two serious software vulnerabilities (CVE-2024-32896 and CVE-2024-29745), and confirmed that the two vulnerabilities have been exploited in practice. These vulnerabilities could lead to escalation of privileges, and attackers could use applications to obtain sensitive information that would not otherwise be accessible, including work and personal information.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has listed the two vulnerabilities in the Known Vulnerabilities (KEV) catalog. Due to the severity and potential harm of the vulnerabilities, the government requires federal government employees to complete system updates within 21 days.

Although the notice currently applies only to federal government employees,However, since many organizations and businesses will follow government safety standardsTherefore, it is recommended that all Galaxy phone users install the August security update patch as soon as possible.