A day after news broke of a security hole in the keyboard software of at least 600 million of its smartphones, Samsung on Wednesday said it will soon roll out an update that will fix the issue for its Knox enterprise customers. The company, however, has yet to say when the issue will be resolved for its regular customers.
The vulnerability, which was made public Tuesday, affects many of Samsung's most popular devices, including its Galaxy S6 flagship smartphone. Under the right circumstances, a hacker could exploit the hole to take over a user's phone and do anything from listening in on a phone call to viewing the photos on the device.
The electronics giant said its Samsung Knox enterprise devices will receive a fix for the issue in just a few days, but nowhere in its statement does the company say how it plans to address the issue for non-enterprise users.
“Samsung takes emerging security threats very seriously," the company said in a statement. "We are aware of the recent issue reported by several media outlets and are committed to providing the latest in mobile security. Samsung Knox has the capability to update the security policy of the phones, over-the-air, to invalidate any potential vulnerabilities caused by this issue. The security policy updates will begin rolling out in a few days."
The International Business Times has reached out to Samsung multiple times to specify when non-enterprise users can expect a fix, but the company has yet to give an answer.
The company is getting no help from its partners in dealing with the matter. Verizon, Sprint and T-Mobile have all referred the press to Samsung for comment, while AT&T did not respond. Meanwhile, SwiftKey, which developed the technology behind the keyboard in question, is putting the blame on Samsung, saying "It appears that the way this technology was integrated on Samsung devices introduced the security vulnerability," which is the equivalent of "Samsung did not install our software correctly, and that's why there's a problem."
In the meantime, NowSecure, which discovered the vulnerability, advises Samsung device owners to avoid connecting to non-secure Wi-Fi networks, which could expose their device to hackers.