Select Page

G610FDXU1BRB3 | Galaxy J7 Prime SM-G610F XME Malaysia

G610FDXU1BRB3 | Galaxy J7 Prime SM-G610F XME Malaysia

You’re going to download the Samsung Galaxy J7 Prime SM-G610F Firmware G610FDXU1BRB3 Android 7.0 Nougat from Yes Android Website

Samsung is rolling out the February 2018 security update for the Galaxy J7 Prime based on Android 7.0 Nougat, and you can download this Stock Firmware Update for your Galaxy J7 Prime here from Yes Android.

The February 2018 Security Patch Update brings fixes for some issues such as critical vulnerabilities that detected in the Android OS as well as scores of moderate-risk and high-risk vulnerabilities.

You can check the details of the G610FDXU1BRB3 February 2018 Security Update Changelog at the bottom of this page.

Download the firmware update for the Samsung Galaxy J7 Prime SM-G610F. Product Code for this firmware is XME and it’s from Country/ Carrier Malaysia.

The PDA Version of this Firmware is G610FDXU1BRB3, CSC is G610FOLB1BRB3, and Android Version is 7.0 Nougat.

The changelist for this firmware is 12149057, build date is 27.02.2018 and the Security patch level date is 01.02.2018.

WARNING: This Stock Firmware Update released only for Samsung Galaxy J7 Prime SM-G610F, so do NOT try it in another Model number even if it has the same Device's name.

Flashing wrong Firmware with Odin Tool or any other tools will brick you Android Phone, so you are the only one who responsible for that (We are NOT).


Full Details about G610FDXU1BRB3 Galaxy J7 Prime SM-G610F Stock Firmware

Model Name SAMSUNG Galaxy J7 Prime
Model Number SM-G610F
Country/ Carrier Malaysia
Region Code XME
Android Version Android 7.0 Nougat
PDA G610FDXU1BRB3
CSC G610FOLB1BRB3
Changelist 12149057
Build Date 27.02.2018
Security Patch Level

01.02.2018


Samsung Galaxy J7 Prime SM-G610F Stock Firmware Download

Download Page1 Download Page2

More Stock Firmware Updates for SM-G610F

 


Samsung Galaxy J7 Prime Review Video

Feel Free to Share this Firmware Update with your Friends.

How to Flash the Firmware Update With Odin Flashing Tool?

Brief instructions about Firmware Flashing

– Extract (unzip) the firmware file that you have downloaded.
– Download Odin Flashing Tool.
– Extract Odin ZIP file.
– Open Odin Flashing Tool.
– Reboot your Phone in Download Mode (press and hold Home + Power + Volume Down buttons).
– Connect your phone to the PC and wait until you get a blue sign in Odin.
– Add the firmware file to AP / PDA.
– Make sure re-partition option is not ticked.
– Click the start button, and wait few minutes.

Follow this tutorial for detailed and Step-by-step instructions.

Samsung February 2018 Security Patch Update Details (SMR-FEB-2018)

Along with Google patches, Samsung Mobile provides 16 Samsung Vulnerabilities and Exposures (SVE) items described below, in order to improve our customer’s confidence on security of Samsung Mobile devices. Samsung security index (SSI), found in “Security software version”, SMR Feb-2018 Release 1 includes all patches from Samsung and Google. Some of the SVE items may not be included in this package, in case these items were already included in a previous maintenance release.

SVE-2017-10991: Heap overflow in sensorhub binder service lead to code execution in privileged process

Severity: Moderate
Affected Versions: M(6.0), N(7.x)
Reported on: November 8, 2017
Disclosure status: Privately disclosed.
Heap overflow vulnerability in sensorhub binder service can lead to code execution in privileged process.
The patch checks the size of buffer before the memcpy() to avoid heap overflow.

SVE-2017-11165: Buffer overflow in vision

Severity: High
Affected Versions: N(7.x)
Reported on: November 8, 2017
Disclosure status: Privately disclosed.
Buffer overflow vulnerability in vision service can lead to local arbitrary code execution in a privileged process when the frame size is over 2M.
The patch protects the size under enqueue frame using memcpy.

SVE-2017-10747: Code Execution and arbitrary file loading in Email

Severity: Critical
Affected Versions: M(6.0)
Reported on: Nobember 2, 2017
Disclosure status: Privately disclosed.
Vulnerability email app allows an attacker to execute javascript using event attribute and load arbitrary local file using src attribute.
The patch restricts the file scheme and javascript in event attribute.

SVE-2017-11106: App Pinning Bypass via Dex Station

Severity: Moderate
Affected Versions: N(7.x)
Reported on: December 16, 2017
Disclosure status: Privately disclosed.
Pin windows with “Use screen lock type to unpin” option allows an attacker to bypass lock screen without user authentication by changing Samsung DeX mode.
The patch protects the device using a screen lock type when turning the Samsung DeX on.

SVE-2017-10932: Arbitrary application installation in Secure Folder

Severity: Moderate
Affected Versions: N(7.x)
Reported on: November 10, 2017
Disclosure status: Privately disclosed.
A random APK can be installed through Secure Folder SDCARD area.
The patch fixed the logic to check package signature and package name to install verified Backup and restore APK.

SVE-2017-11105: Code execution in Samsung Gallery

Severity: Low
Affected Versions: L(5.x), M(6.0), N(7.x)
Reported on: November 8, 2017
Disclosure status: Privately disclosed.
Vulnerability in Gallery allows code execution with a BMP file.
The patch fixed the parser to validate proper resolution of BMP file.

SVE-2017-10733: Stack overflow in Trustlet

Severity: Critical
Affected Versions: M(6.0) OS( Exynos devices)
Reported on: September 15, 2017
Disclosure status: Privately disclosed.
Vulnerability in Trustlet allows an attacker to obtain pin/password/pattern lock screen data with system privileges.
The patch prevents arbitrary code execution in TEE through stack overflow attack.

SVE-2017-11175: Information disclosure vulnerability in trustonic_tee structure

Severity: Low
Affected Versions: M(6.0), N(7.x), O(8.0) OS( Exynos, Qualcomm devices)
Reported on: October 02, 2017
Disclosure status: Privately disclosed.
A vulnerability allows an attacker to use an exposed kernel address for future attack scenarios.
The patch prevents format string from exposing kernel address.

SVE-2017-11174: Read after free (UAF) in get_kek

Severity: Low
Affected Versions: L(5.1), M(6.0), N(7.x)
Reported on: November 4, 2017
Disclosure status: Privately disclosed.
Assuming system privilege escalation is achieved, absence of synchronizing system in get_kek can bring out race condition and result in use after free vulnerability.
The patch activates the synchronizing system and prevents use of free problems.

SVE-2017-11176: Use after free in vnswap_deinit_backing_storage

Severity: Low
Affected Versions: L(5.x), M(6.0), N(7.x)
Reported on: November 29, 2017
Disclosure status: Privately disclosed.
Assuming root privilege escalation is achieved, absence of synchronizing system in vnswap_deinit_backing_storage can bring out race condition and result in use after free vulnerability.
The patch activates the synchronizing system and prevents use of free problems.

SVE-2017-11177: Double free in vnswap_init_backing_storage

Severity: Low
Affected Versions: L(5.x), M(6.0), N(7.x)
Reported on: October 26, 2017
Disclosure status: Privately disclosed.
Assuming root privilege escalation is achieved, there is a double free vulnerability by race condition, when more than one process executes vnswap_init_backing_storage.
The patch prevents double free issues by applying synchronization mechanism.

SVE-2017-10638: Information disclosure on Trustlet

Severity: Low
Affected Versions: L(5.X) Qualcomm models and N(7.x) Exynos models
Reported on: September 29, 2017
Disclosure status: This issue is publicly known.
A session information of trustlet is logged with user binary.
The patch prevents a trustlet log which includes session information of the trustlet.

Some SVE items included in the Samsung Android Security Update cannot be disclosed at this time.

See Full details about February 2018 Security Patch Update here.

Leave a reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Categories