Samsung Message Guard: zero-click attack protection on Samsung Galaxy devices
Samsung Message Guard is a new security feature that is designed to protect Samsung users from zero-click attacks. The solution is available on Samsung Galaxy S23 series devices already and will be rolled out to other Galaxy smartphones and tablets later this year.
Samsung Message Guard is an "advanced sandbox" according to Samsung, which isolates certain types of files when they arrive on the device. It uses virtualization techniques that "checks the file bit by bit and processes it in a controlled environment" so that it can't exploit vulnerabilities to infect the Samsung Galaxy device.
Threat actors have a wide range of tools in their arsenal. Besides common attack forms, which include phishing and malware distribution via email attachments, advanced attacks exist. Zero-click exploits, also known as zero-click attacks, are designed to run automatically, without any user interaction; this makes them particularly dangerous as inexperienced and experienced users may fall victim to these attacks.
Images and other file types may be prepared specifically to contain malicious code. If a vulnerability is found, specially prepared files may be used to execute malware on a user's device as soon as it is displayed as a preview in chat applications or otherwise viewed on a user's device.
Most operating systems are protected by security services and applications. While these provide good protection against known threats, most zero-click exploits use zero-day vulnerabilities that are not patched at the time of discovery.
Samsung admits that it has not detected "such attacks on Samsung Galaxy smartphones", but that there is the possibility. Samsung Message Guard is a preemptive security feature that is protecting Samsung customers from attacks that may exploit vulnerabilities that lead to zero-click attacks in the future.
Samsung notes that protections against audio and video format attacks are already available on Samsung devices. The new Message Guard protection extends protections to certain image formats that are commonly used. The security feature adds protection against zero-click attacks that use the image formats PNG, JPG/JPEG, GIF, ICO, WEBP, BMP, WBMP according to Samsung.
For now, Samsung Message Guard is limited to protecting these kind of attacks in Samsung Messages and Messages by Google only at the time of launch. Samsung announced that it plans to expand protection "across third-party messaging apps" in the future.
Samsung has not revealed specifics regarding the rollout to other Samsung Galaxy devices. The only requirement that Samsung revealed during the announcement is that the devices need to run One UI 5.1 or higher. One UI is the user interface of Samsung Galaxy devices.
Samsung pre-installs One UI 5.1 on Samsung Galaxy S23 series devices and released it officially on February 16, 2023. Galaxy devices that are still in support will receive the update to One UI 5.1 eventually.Advertisement