Attackers sitting on a network can intercept Swift keyboard updates from Samsung, inject code, and potentially take remote control of millions of Android mobile devices. 600 million devices could be vulnerable, including the Samsung Galaxy S5 on Verizon and the S4 Mini on AT&T. Newer devices are also still affected, despite patches pushed out by Samsung. Samsung said the Galaxy 6 running on Android 5 (Lollipop) was not vulnerable, but NowSecure’s CEO Andrew Hoog said his company purchased a new device and found the vulnerability still present.
Source: https://threatpost.com/samsungs-swift-keyboard-update-mechanism-exposes-600m-devices/113348/