Samsung patches high-risk security vulnerability in its SSD software, update yours now
- Thread starter Parkinsond
- Start date
I have a Samsung SSD but i don't use the app, so I image I'm OK
You are just fine; I use Crystal disk info regardless of the drive manufacturer; light and does the job.
Recommendation / Remediation
Priority 1
Immediate Update You must update the software to a patched version to mitigate this risk.
Verify Version
Open Samsung Magician and check if the version is between 6.3.0 and 8.3.2.
Install Patch
Update to Samsung Magician version 9.0 (or newer) immediately.
This update patches the vulnerability and introduces a redesigned UI.
Source
Download the update directly from the official Samsung Semiconductor website to ensure integrity.
Priority 2
Principle of Least Privilege
Ensure that standard user accounts on the machine do not have unnecessary write access to system directories, though this specific exploit targets a temporary folder created by the installer itself.
Sources & References
Official Vendor Source (Patch & Advisory)
Samsung Semiconductor Support
This is the official location to download the patched version (9.0 or higher) of the Samsung Magician software.
URL:
Priority 1
Immediate Update You must update the software to a patched version to mitigate this risk.
Verify Version
Open Samsung Magician and check if the version is between 6.3.0 and 8.3.2.
Install Patch
Update to Samsung Magician version 9.0 (or newer) immediately.
This update patches the vulnerability and introduces a redesigned UI.
Source
Download the update directly from the official Samsung Semiconductor website to ensure integrity.
Priority 2
Principle of Least Privilege
Ensure that standard user accounts on the machine do not have unnecessary write access to system directories, though this specific exploit targets a temporary folder created by the installer itself.
Sources & References
Official Vendor Source (Patch & Advisory)
Samsung Semiconductor Support
This is the official location to download the patched version (9.0 or higher) of the Samsung Magician software.
URL:
Tool & Software Download | Samsung Semiconductor Global
Download various software related to your product, including Samsung Magician, designed for use with Samsung's memory products, and find related information.semiconductor.samsung.com
My theory is the less programs & or extensions you have the less there is to go wrong...
Another reason to use Crystal disk info; if I stick to the manfacturer software and have for example 3 drives of different vendors in my PC, I need to install 3 different programs, larger attack surface area.
Besides drive health; what would be the reason to run the Samsung SSD software?
Also, isn't windows built in drive health monitoring sufficient?
Also, isn't windows built in drive health monitoring sufficient?
It's claimed that manfacturer own software is more precise than 3rd party ones.
W 11 24h2 lacks this feature, or may be my drives are too old and not supported for.
Samsung makes great hardware and terrible software. Simple rule is to never ever use Samsung software. Get the hardware then don't ever connect or update. Samsung Magician is not only bad for security but the firmware updates for drives often nerf speeds. Be careful.
There stable version of Windows browser is not bad; the main downside is being based on an old Chromium version.
You may also like...
-
If you have a Samsung phone, look out for the next security update, it is massive- Started by Gandalf_The_Grey
- Replies: 1
-
Critical Windows Admin Center Vulnerability Allows Privilege Escalation- Started by Parkinsond
- Replies: 4
-
Microsoft Warns Secure Boot May Be Bypassed as Windows UEFI Certificates Expire- Started by Brownie2019
- Replies: 1
-
Microsoft patches actively exploited Office zero-day vulnerability
- Started by Parkinsond
- Replies: 0
