Security flaw: Samsung Galaxy S4.
Israeli cyber security researchers claim to have found a major hole in Samsung's Knox security software that leaves Galaxy S4 devices used for enterprise and government work vulnerable to hackers.
The reported security hole makes it possible for malware to intercept secure data, such as emails, on GS4 smartphones that are supposed to be protected by the Knox software, according to the Wall Street Journal.
The Knox platform is designed so users can keep their personal data on the same device as their sensitive, work-related data, which is protected separately by the Samsung security software.
But in the worst-case scenario projected from the recently reported vulnerability, it could be possible for hackers to use the security hole to install hostile code that could cripple an enterprise's entire security network, the report said, citing cyber security experts at the Ben-Gurion University of the Negev in Israel.
The university researchers said the security gap is considered a "category one", or most serious, vulnerability.
Samsung is aware of the researchers' allegations, but the South Korean company said an initial investigation founds the problem is not as serious as the university's cyber security experts allege.
"Rest assured, the core Knox architecture cannot be compromised or infiltrated by such malware," a Samsung spokesman told the Journal.
The company plans to investigate the claim further, but the spokesman said the university researchers appear to have conducted their tests using GS4 devices that are not loaded with all of the software that an enterprise user would have.
The researchers did say their tests were done using store-bought GS4 units.
Los Angeles Times