August 19, 2024 – The U.S. government has recently issued an urgent notice, instructing federal employees to update their Samsung Galaxy smartphone systems by August 28th, or face a ban on using these devices for official purposes. This directive comes as a followup to a similar action in July, which targeted Pixel smartphone users.
The move was prompted by Google’s discovery of two critical software vulnerabilities, identified as CVE-2024-32896 and CVE-2024-29745, which have already been exploited in real-world scenarios. These flaws could potentially enable attackers to escalate their privileges, allowing malicious applications to access sensitive data that would otherwise be inaccessible, including both work-related and personal information.
In recognition of the severity and potential harm posed by these vulnerabilities, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added them to its Known Exploited Vulnerabilities (KEV) catalog. As a result, federal employees have been given a 21-day deadline to complete the necessary system updates.
Although the current directive specifically targets federal employees, it is worth noting that many organizations and businesses often align their security standards with those of the government. Therefore, it is advisable for all Galaxy smartphone users to promptly install the August security patch to mitigate any potential risks.