Coming up with security that can keep dedicated hackers at bay isn't easy. Even major tech companies struggle with it. Sometimes, though, you have to wonder how hard they're trying.
In the past months, we've seen major laptop brands such as Dell, Lenovo and Toshiba caught using poor security practices in their pre-installed proprietary drive and software update software. Now another major laptop manufacturer joins the list.
On March 4, Samsung released a fix for its Samsung SW Update Tool, which is responsible for downloading new drivers from Samsung's servers. Unfortunately, it operated without any encryption or authentication.
In other words, a hacker on the same network as a Samsung laptop could intercept an automated update request and return their own malicious files for the laptop to install. This is known in security circles as a "man in the middle attack." This kind of attack is another reason you need to be careful using public Wi-Fi and secure your home network against intruders.
The newest version of Samsung SW Update Tool, 22.214.171.124, which you can download here, adds encryption and authentication to the update tool so hackers can't trick it anymore. If you have a Samsung laptop, you'll want to upgrade right away.
This situation is just another reminder that there are plenty of threats out there you can't guard against on your own. You need strong security software installed on all your gadgets to keep hackers and viruses out of your life.