The March 2023 security patch from Samsung includes 50 changes and is available now

As a result of Samsung officially outlining the features that would be included in its newest security patch, the firm is getting ready to roll out the March 2023 update to its mobile devices, including smartphones and tablets. The information regarding the company’s security patch for the month of March 2023 may be found on the homepage that is dedicated to security. The security patch that Samsung released in March 2023 comprises 39 patches for vulnerabilities that had been disclosed by Google. In addition to this, Samsung has added 11 additional patches to its Galaxy smartphones and tablets to close security vulnerabilities. With this addition, the total number of vulnerabilities addressed by Samsung’s security patch for March 2023 is now 50. There are five fixes that are considered to be “important,” while 35 are rated as “high.”

The majority of the Samsung-specific errors that need to be fixed have a priority level of “moderate.” The update that was provided by Google includes five bug fixes, but they are not applicable to Samsung devices. One of the security flaws that is present in Galaxy smartphones and tablets is an issue that is related to the decon driver. This flaw gives an attacker the ability to produce a memory access error. It is compatible with gadgets that use an Exynos 2100 CPU and are running Android 11, Android 12, or Android 13. Hackers were able to remotely power off a Galaxy smartphone by exploiting a vulnerability in the AutoPowerOnOffConfirmDialog function.

Hackers were able to reset settings because of a flaw in the authentication process for the Sec Settings function. Samsung has implemented the appropriate authentication mechanism to prevent something like this from occurring. The security patch released in March 2023 corrected an issue that allowed attackers to remotely disable the Do Not Disturb mode due to improper access control in the PhoneStatusBarPolicy function of System UI in One UI. Nonetheless, this vulnerability still exists. Hackers were able to send data without permission thanks to yet another vulnerability in Bluetooth that was caused by insufficient access control.

The Galaxy Themes Service contained a path traversal vulnerability, which allowed attackers to access files with the System user ID. Before the security patch that was released in March 2023, faulty authorisztion implementation in phones that used an Exynos chip allowed for erroneous handling of unencrypted messages. Samsung has now corrected the faults that caused these problems. Moreover, Samsung Keyboard, SoftSIM TA, and Bluetooth all had security flaws that have since been patched.