NEWS
Samsung Issues Critical Galaxy Patch As One UI 8.5 Finally Lands
Samsung shipped a critical Galaxy update this week that patches a zero-click Android bug, CVE-2026-0073, capable of giving a nearby attacker shell-level code execution with no user interaction. The long-delayed One UI 8.5 stable rollout also reached the Galaxy S25 in Korea, with international markets following through May.
The Patch Galaxy Owners Cannot Skip This Month
Samsung’s May 2026 Mobile Security maintenance bulletin lists CVE-2026-0073 and CVE-2026-0051 as the two critical fixes for the month. Google rates the first at CVSS 8.8 and labels it remote code execution. The second sits inside Samsung’s own software stack.
Together they push every Galaxy owner into the same do-not-skip patch window every Android phone vendor faces this May. There is no carrier exception, no model carve-out, no defer-by-a-week excuse worth the risk.
The trigger is simple: if your Galaxy reports a security patch level dated 2026-05-01 or later, the bug is closed. Anything earlier still carries the unpatched flaw.

Inside CVE-2026-0073, A Wireless ADB Flaw With Shell Power
The bug lives in adbd, the daemon that powers Android Debug Bridge. The function adbd_tls_verify_cert in auth.cpp had a logic error that lets an attacker bypass mutual authentication for wireless ADB sessions.
That sounds specialized. The exploit path is anything but. An attacker who can reach the device on a shared network can authenticate as a paired ADB host and run code as the shell user. Shell isn’t root, but shell is enough to siphon files, install apps with hidden flags, and pivot toward higher privileges.
“User interaction is not needed for exploitation,” reads Google’s May 2026 Android Security Bulletin, published May 4. There is no link to click. There is no SMS to open. There is no consent step at any point in the chain.
Affected versions span Android 14, 15, 16, and 16-QPR2. Devices on Android 13 or earlier won’t get the fix. Google’s official security support for those branches ended in March, which leaves a meaningful slice of older Galaxy A-series and J-series phones outside the patch.
- CVSS 8.8 is the severity score Google assigned to CVE-2026-0073, anchoring it firmly in the critical band.
- Zero clicks are required from the user to trigger code execution on a vulnerable Galaxy device.
- Four Android branches are affected: 14, 15, 16, and 16-QPR2.
- 2026-05-01 is the minimum security patch level that closes the bug on Samsung devices.
Why Proximal Risk Still Matters On Real Phones
Google classifies the attack vector as proximal or adjacent. The attacker needs to be on the same network or within radio range of the target. They don’t need to plant malware first. They don’t need to phish anyone.
Most Galaxy owners spend a few hours a day on coffee shop Wi-Fi, hotel networks, airports, and conference floors. Each of those is a same-network environment where a malicious laptop or compromised guest device sits one packet away from your phone. That’s why Google held the rating at critical despite the proximity gate.
One UI 8.5 Finally Lands On The Galaxy S25
Samsung’s One UI 8.5 stable rollout began on April 30 in South Korea for the Galaxy S25 series. Build firmware ZZE3 carried the upgrade alongside the May patch level. International waves followed from around May 4 through the Galaxy S25, S25+, S25 Ultra, and S25 Edge in Europe and North America, per Samsung’s Samsung Members community announcement on the One UI 8.5 stable rollout.
The wait was long. Samsung pushed ten beta builds for the S25 line before the stable cut. Each beta closed off small breakages in the camera pipeline, call screen lag, Bluetooth crashes, and battery drain quirks.
Galaxy S25 owners watched the Galaxy S26 ship from the factory with One UI 8.5 already loaded for months. The new flagship arrived with a feature build that last year’s flagship did not. That asymmetry, awkward for any company that sells phones, is finally over.
The rollout window for most eligible Galaxy phones and tablets runs from May 4 through May 30. Galaxy S24, the Z Fold 6, Z Flip 6, and Galaxy Tab S10 sit in the second wave.
Carrier-locked variants in the United States and Canada are tracking one to two weeks behind the unlocked schedule, which is the usual cost of carrier QA passes.
- April 30: Stable One UI 8.5 begins on the Galaxy S25 in South Korea.
- May 4: Google publishes the May 2026 Android Security Bulletin including CVE-2026-0073.
- May 4 to May 9: International rollout reaches the United States, Western Europe, and Canada.
- May 4 to May 30: Samsung’s stated window for stable rollout to most eligible Galaxy phones and tablets.
The Features That Make The Wait Worth It
One UI 8.5 sits on top of Android 16. The headline change is a visual reskin Samsung calls Ambient Design, with blur and depth effects redrawn across system surfaces and stock apps. The deeper change is what powers Bixby.
Samsung swapped the brain inside Bixby for Perplexity. The reworked assistant is now better at finding the right setting from a vague prompt, summarising emails, and answering questions that would normally route to web search.
Several other tools that debuted on the Galaxy S26 ship to the S25 line in this build:
- Audio Eraser: Real-time background noise reduction across third-party apps including YouTube and Instagram playback.
- Call Screening: Bixby Text Call answers screened calls, asks the caller to identify themselves, and surfaces a transcript before you commit to picking up.
- Photo Assist: Generative editing tools applied to existing Gallery shots, including object removal and frame extension.
- Creative Studio: Sketch-to-image and quick-edit workflows tied into Notes and Gallery.
Ambient Design And A Quieter Visual Language
Ambient Design is what S25 owners notice first. Notification panels gain a translucent blur that lets the wallpaper bleed through. Quick Settings tiles soften their edges. The keyboard, the recents view, and the volume sliders all pick up the same treatment.
The redesign is the kind of system-wide refresh Apple and Google have both shipped in recent years, and Samsung is now matching that visual register on Galaxy. The change is broad. It is also free, which is the part casual users tend to forget about flagship-grade software updates.
Perplexity Now Lives Inside Bixby
The Perplexity integration is the more interesting under-the-hood story. Bixby has spent years as the assistant nobody chose. Replacing the language model behind it with a search-tuned LLM is Samsung admitting that on-device AI from a third party beats a homegrown effort built in isolation.
Voice queries route through Perplexity’s models when network access is available, with a Samsung policy layer in front to gate sensitive system commands. Early demos handle prompts like “set my alarm for the call my brother said was at six” without breaking, which is the kind of casual phrasing older Bixby builds choked on.
The Awkward Math Behind Samsung’s Two-Track Update Cycle
Samsung’s update cadence has a structural problem visible this month. One UI 8.5 stable hit the Galaxy S25 about ten weeks behind the Galaxy S26 launch. One UI 9.0 internal builds, based on Android 17, are already running on engineering Galaxy S26 units. By the time S25 owners finish digesting 8.5, Samsung will be teasing 9.0 beta.
The pattern echoes last year, when One UI 8 began testing on the Galaxy S25 line before One UI 7 finished rolling out to older devices. Samsung’s customers learn what the next OS will look like on a phone they don’t own, while the phone they bought waits in line.
Pixel still holds the cadence advantage. Google ships the AOSP version on day one. Samsung’s translation layer adds time, and the Korea-first rollout policy adds more.
Security Maintenance Releases only include security patches and don’t include additional bug fixes on the platform.
That language sits inside Samsung’s Knox software lifecycle and updates whitepaper. The point Samsung is making is that the May patch and the One UI 8.5 stable upgrade do different jobs, and a delay in one doesn’t excuse skipping the other. Galaxy S25 owners stuck on the older feature build still need the May security patch installed today.
How To Check Your Galaxy Phone Right Now
The minimum bar for safety from CVE-2026-0073 on a Samsung Galaxy device is the security patch level dated 2026-05-01 or later. That string lives in your settings.
If your phone reports an April 1 or earlier patch level, the bug is open on your device. Updating the One UI feature version is a separate process. Some Galaxy owners outside Samsung’s first rollout markets will see the May security patch before the One UI 8.5 stable file lands, which is fine. Take the security floor first and the cosmetic upgrade second.
For Samsung component-level patches that ship through silicon firmware, the Samsung Semiconductor product security updates page tracks Exynos and modem-side fixes that don’t always show up in the main Android security bulletin.
- Open Settings and scroll to Software update.
- Tap Download and install, then wait for the prompt to refresh against Samsung’s servers.
- Verify the patch level by going to About phone, then Software information, then Android security update.
- Reboot the device once the install completes, even if Samsung’s prompt skips that step.
Frequently Asked Questions
Do I Need To Do Anything If My Galaxy Already Shows The May 1 Patch Level?
No. You’re covered for CVE-2026-0073 if the patch level on your About phone screen reads 2026-05-01 or later. That means the bug is closed on your device. The One UI 8.5 stable file is a separate, larger download that brings Ambient Design and Perplexity Bixby to the Galaxy S25. You’ll see it as a normal software update prompt over the next few days.
Will My Galaxy S22 Or Older Phone Get The May Patch?
Yes if it’s still inside Samsung’s monthly support window. The Galaxy S22 series, S23, S24, S25, the Z Fold and Z Flip lines, the Tab S9 and S10, and most A-series phones from 2023 onward stay in active monthly cadence. Anything older than five years from launch is on quarterly or biannual cycles. Samsung’s mobile security update page lists the exact tier for your model.
How Dangerous Is CVE-2026-0073 For Someone Who Only Uses Home Wi-Fi?
Lower than for someone on public networks, but not zero. The attacker needs to share the same network as your phone. Anyone with your home Wi-Fi password fits that profile, including a guest device that has been compromised elsewhere and joined your network. Patching closes the path regardless of who shares your access point. Install the May update tonight if you haven’t.
What If One UI 8.5 Doesn’t Show Up On My Galaxy S25 Yet?
Wait. Samsung’s stated rollout window for most eligible models runs through May 30. Markets after Korea include the United States, Western Europe, India, and Canada in staggered waves between May 4 and May 9. If you’re past the window and still see only an older firmware, check whether your carrier has approved the build. Carrier-locked phones often lag the unlocked timeline by one or two weeks.
Is It Safe To Install The One UI 8.5 Stable Update On Day One?
Yes for most users. The S25 line ran ten public beta builds before the stable cut, and Samsung documented the bug fixes for camera green-line artifacts, Bluetooth crashes, and call screen delays. Back up your photos before installing, and set aside about twenty minutes for the install plus first-boot indexing. Avoid kicking it off right before a flight or a workday meeting.
Samsung’s May rollout is two stories layered on each other this week, one urgent and one cosmetic. The urgent one belongs in your Settings app tonight. The cosmetic one will reach you on its own pace, and the version after it is already taking shape on a phone most Galaxy owners haven’t bought.
Disclaimer: This article describes a publicly disclosed Android vulnerability and Samsung’s corresponding security update. The information is for general awareness only and is not a substitute for formal device management guidance from your IT or security team. Update availability varies by carrier, region, and Galaxy model, and the patch and rollout details cited reflect Samsung’s published schedule as of May 6, 2026. Verify the security patch level on your device before relying on protection.
-
GAMING4 weeks agoMicrosoft Xbox Layoffs Start in July as Sharma Slams 3% Margin
-
NEWS1 month agoGoogle Search Profiles Build a Follow Graph Inside Discover
-
AI2 weeks agoGoogle DeepMind and A24 Sign $75 Million AI Partnership Deal
-
APPS4 weeks agoDGO App Brings Rs 549 Mobile Pass for FIFA World Cup 2026 in Nepal
-
AI2 weeks agoOracle Cuts 21,000 Jobs in a Year, Cites AI in 10-K Filing
-
NEWS1 month agoOppo’s ColorOS 17 Eligibility List Leaves A-Series Buyers Behind
-
AI2 weeks agoAnthropic Tells Senators Alibaba Ran the Largest Claude Distillation Attack
-
NEWS2 months agoApple Strikes Preliminary Deal For Intel To Make iPhone And Mac Chips
