Samsung has started seeding the March 2023 Android security patch to its Galaxy devices. The Galaxy S23 and Galaxy S22 series are receiving the latest security update first. This month’s SMR (Security Maintenance Release) patches more than 60 vulnerabilities.
The February SMR for the Galaxy S23 and Galaxy S22 phones is currently rolling out in Europe. According to the Dutch publication GalaxyClub, the update for the Galaxy S23, Galaxy S23+, and Galaxy S23 Ultra comes with the firmware build number S91*BXXS1AWBM. That, for the Galaxy S22 trio, is S90*BXXU3CWBE. The rollout should reach other markets, including the US, in the coming days. As usual, the firmware versions may vary according to the market and carrier. The content will remain unchanged, though.
Samsung’s official changelogs for these updates only mention the latest security patch. However, the firmware versions as well as the size of the OTA (over-the-air) package suggest there’s more. The update for the Galaxy S23 Ultra weighs over 350MB while that for the Galaxy S22+ weighs just shy of 340MB. Other models should also be getting updates of similar sizes. The publication speculates that Samsung is pushing fixes for some bugs that may have snuck onto the devices with the One UI 5.1 update. Galaxy S22 users complained about unnatural battery drain following the update last month.
March security update for Galaxy devices patches more than 60 vulnerabilities
While it’s unclear if Samsung is pushing any bug fixes with the latest update for the Galaxy S22 and Galaxy S23 series, we know the content of the March SMR. The company’s official security bulletin reveals that this month’s security release patches five critical Android OS vulnerabilities, some of which could lead to remote code execution. On top of that, the new SMR also contains fixes for more than 30 high-severity Android OS vulnerabilities.
Lastly, Samsung has patched 23 Galaxy-specific vulnerabilities this month. Called Samsung Vulnerabilities and Exposures (SVE), these are privacy and security flaws only affecting Galaxy devices. These issues don’t exist in Android products from other brands. The Korean firm has patched issues of varying severity across various system apps, services, and components.
These include a high-severity flaw in Galaxy Themes Service that allowed an attacker to access arbitrary files. Another high-severity flaw in SoftSim TA allowed local attackers access to protected data. Other SVEs patches this month affected Settings, Bluetooth, Exynos baseband, Samsung Keyboard, Call application, and more. Samsung will push these fixes to more Galaxy devices in the coming days. We will keep you posted with those updates.