Samsung has developed a new security system called Samsung Message Guard to help Galaxy smartphone users protect against so-called zero-click exploits that use malicious image files.

The Korean tech giant says its new security system will be able to detect these threats when they reach the device as a message and stop them before they cause damage.

No-Click Exploits

No-click exploits are sophisticated threats that exploit a vulnerability without requiring any user interaction.

Typically, attacks using zero-click exploits involve sending the target a message or file containing malicious code to trigger a vulnerability on the device that gives the attacker access without even the victim opens the message or file.

Notable clickless attacks have targeted journalists and activists with NSO’s Pegasus Spyware leveraging the KISMET and FORCEDENTRY exploits in Apple’s iMessage.

Apple tried to mitigate these security threats by introducing the lock mode, an operating mode designed for high-risk individuals that limits functionality and increases device safety.

Samsung message guard

Samsung Message Guard is an isolated virtual space on the smartphone that acts as a temporary hosting location for newly arrived image files in PNG, JPG/JPEG, GIF, ICO, WEBP, BMP, and WBMP formats.

The system checks the files to determine if they hide malicious code. If so, they are locked in quarantine mode and cannot access or interact with the underlying operating system.

“Samsung Message Guard automatically neutralizes any potential threats hidden in image files before they have a chance to harm you,” Samsung says in the feature announcement.

“It also runs quietly and largely invisibly in the background and does not need to be activated by the user” – Samsung

The new security system adds to Samsung’s existing multiple layers of protection, including Samsung Knox, which can offer real-time threat detection and malware protection.

Samsung Message Guard is available immediately for the Galaxy S23, released on Friday, and it will gradually roll out to other Galaxy devices running One UI 5.1 or higher later in 2023.



Source link