Samsung announced the implementation of a new security feature called Message Guard that aims at protecting users from malicious code that can be installed via zero-click attacks.
Zero-click exploits allow attackers to compromise the target device without any user interaction, for example, a threat actor can exploit a zero-day issue by sending an image to the victims.
“Threats evolve, but so too does Samsung’s mobile security. Samsung Galaxy smartphones offer comprehensive safeguards with the powerful Samsung Knox platform, and users are already protected from attacks using video and audio formats.” reads a statement from the company. “Samsung Message Guard takes that security one step further by preemptively protecting your device, limiting exposure to invisible threats disguised as image attachments.”
Samsung Message Guard silently runs in the background and automatically neutralizes any potential threat that is hidden in image files. The new feature does not need to be activated by the user.
The new feature will be immediately supported by the Samsung Galaxy S23 series, but the company plans to gradually roll it out to other devices of the Galaxy smartphone family.
The South Korean giant pointed out that it is not aware of such attacks on Samsung Galaxy smartphones, Samsung Electronics, but it constantly works to the development of preemptive security measures.
The company presents Samsung Message Guard as an advanced “sandbox,” a secure and trusted environment used to analyze every image that is received to detect hidden malicious code.
“When an image file arrives, it is trapped and isolated from the rest of the device. This prevents malicious code from accessing your phone’s files or interacting with its operating system.” continues the announcement. “Samsung Message Guard checks the file bit by bit and processes it in a controlled environment to ensure it cannot infect the rest of your device.”
Samsung Message Guard provides protection against multiple image formats, including PNG, JPG/JPEG, GIF, ICO, WEBP, BMP, WBMP.
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
(SecurityAffairs – hacking, Samsung)