Samsung users should update their devices as soon as possible as the company’s latest update includes a fix for a flaw that could allow hackers to gain access to your phone to remotely install malicious code on it. As reported by PCMag, the flaw in question (tracked as CVE-2025-21043) was first discovered last month and Apple pushed out a patch for it to iOS users with its 18.6.2 update. Now though, Samsung phones are receiving their own fix as part of a wider security update.
Realistically, it it unlikely that most users would be targeted with this particular attack but given that this is a critical vulnerability, it’s important that all users update their phones to address the flaw. It’s always considered to be a good idea to keep an operating system up-to-date for this particular reason and at the same time, you want to careful about the apps that you download onto a phone.
Samsung’s notes on the security update state that “out-of-bounds Write in libimagecodec.quarm.so prior to SMR sept 2025 release 1 allows remote attackers to execute arbitrary code.” This basically means that there is an issue with a third party tool on Samsung devices used by messaging apps to look at images in a way that could allow hackers access.
WhatsApp’s security team first discovered the vulnerability, which may affect over 3 billion users worldwide, making it a particularly attractive target for attackers. Meta, in turn, reported the bug to both Apple and Samsung last month. While Samsung doesn’t mention any other affected messaging apps in the security notes, that makes it even more important to download the security update on your phone. This bug affects all Samsung handsets running Android 13 or later, and iOS users should make sure that they’re running iOS 18.6.2 or later in order to stay protected.
Follow Tom’s Guide on Google News and add us as a preferred source to get our up-to-date news, analysis, and reviews in your feeds. Make sure to click the Follow button!