Samsung’s October security update comes with an unusual twist, offering five critical reasons for Galaxy phone owners running Android 12, 13, or 14 to update immediately. In the past, critical updates typically addressed broader Android vulnerabilities or hardware patches. While this month includes two such Qualcomm updates delayed from September, the focus now is on Samsung’s own vulnerabilities within its UI.
The five vulnerabilities (CVEs) involve “librtppayload,” a Samsung-specific system component. They allow remote attackers to execute arbitrary code with system privileges, although some level of user interaction is required, usually obtained by tricking users into engaging with an on-screen exploit. Fortunately, no active exploits have been detected yet, but Galaxy users are strongly advised to update as soon as the October release becomes available. Rollouts will vary by model, region, and carrier, with lower-end devices receiving updates later in the month.
It’s important to note that not all devices are still eligible for security updates, with up to 750 million Android phones no longer receiving support. Samsung devices that are still supported get updates either monthly, quarterly, or biannually. Until your device receives the update, it remains vulnerable.
The five vulnerabilities are tied to the way compressed video is handled, which can expose parts of the device’s memory that should be off-limits. This can lead to device instability or even allow remote code execution, according to Samsung’s warning.
While it’s good news that these issues have been addressed, not all flagship devices are receiving Google’s system updates. For instance, Galaxy Z Fold 6 and Z Flip 6 phones haven’t received updates since April and will not get One UI 7 or Android 15 until 2025. Samsung has also hinted that there may be more critical fixes in the October release, with some vulnerabilities remaining undisclosed for now.