Samsung’s software for managing internal and external SSDs, USB flash drives and memory cards called “Magician” has a security flaw that the manufacturer warns about. An updated version is available for download, which users should definitely install.
Advertisement
This is due to inadequate rights control when using a so-called named pipe in Samsung’s Magician PC software for Windows. This allows local users to access higher privileged data without authorization (CVE-2024-23769, CVSS 7.3“Risk”high“). A pipe is a way of interprocess communication to exchange information and data.
Samsung Magician is used for the care and maintenance of Samsung consumer SSDs.
(Image: Screenshot / dmk)
Update for Samsung software
The bug affects Samsung Magician for Windows version 8.0.0. Loud Samsung safety notice The vulnerability was reported at the end of October 2023 and patched with Magician software 8.0.1. She’s on the Samsung support tools page ready to download.
Since the developers classify the vulnerability as a high risk, Windows users of the Samsung Magician software should quickly download and install the updated version. It is used, for example, to update the firmware of SSD drives. At the beginning of last year, a strongly recommended firmware update for the SSD 980 Pro was available. Just two weeks later, Samsung distributed a firmware update for the SSD 990 Pro that was intended to correct rapid wear and tear.
The software is therefore likely to be widely used. Anyone who has examined or updated a Samsung SSD or other storage media from the manufacturer with the software in the past could still have a vulnerable software version lying dormant on the hard drive.
(dmk)