Samsung confirmed the vulnerability exists on Galaxy devices since 2014

According to Forbes , the new security patch eliminates 9 serious vulnerabilities discovered in Android and 19 found in Samsung's proprietary software. One of these 19 vulnerabilities is a serious bug that has appeared in all Galaxy smartphones since 2014. This means that even older smartphones like the Galaxy S5 or Galaxy Note 4 are struggling with the problem.

The security flaw took advantage of a customized version of Android from Samsung that supports files in the Qmage (.qmg) format - a format developed by South Korea's company Quramsoft. All Galaxy smartphones from Samsung have supported .qmg files since the end of 2014, and these files are also used to support Samsung Themes.

However, Google's Project Zero research team has discovered a flaw that allows exploiting the imperfection of deploying Qmage on Samsung smartphones. Using the zero-click exploit, the researchers were able to gain access to one of Samsung's custom Android operating system libraries.

Researchers can access operating system files by sending MMS messages. To get to the Android operating system library on Galaxy devices, they need to make 50 to 300 MMS messages. Of course, the messages use the .qmg file.

Samsung has now confirmed and officially fixed this known bug for nearly 6 years through the May update. Currently, the latest patch has appeared for smartphones such as Galaxy S20, Galaxy Z Flip, Galaxy Fold, Galaxy. Note 10, Galaxy S10 and Galaxy A50. To check for software updates, go to Settings> Software Update> Download and install.