Connect with us

NEWS

Samsung’s July Security Update Reaches the Galaxy A56, A25 and XCover 7

Samsung’s July 2026 security patch reaches the Galaxy A56, A25 and XCover 7 in scattered regions, fixing 57 flaws days before the July 22 Unpacked event.

Published

on

Samsung’s July security patch has reached three more Galaxy phones, more than a week after its flagships got it first. The Galaxy A56, Galaxy A25 and Galaxy XCover 7 are now picking up the update in scattered regions, from Brazil to the Philippines, closing out a rollout that started with the company’s foldables and top-tier phones.

It is the same sequencing that has slowed Samsung’s non-flagship updates before, and it lands five days ahead of a Galaxy Unpacked event that will pull the company’s full attention toward foldables and its next mobile operating system.

Three More Galaxy Phones Join the July Rollout

The Galaxy A56 is getting the update in Russia and Brazil first, carrying firmware version A566EXXSCCZG6. The Galaxy A25’s version is live in Puerto Rico under build A256U1UESCEZG1. The rugged Galaxy XCover 7 is rolling out across Vietnam, Thailand and the Philippines with build G556BXXSHEZG2.

All three sit on Samsung’s slower update tier by design, not by accident. The company splits its Galaxy lineup into a Monthly track for current flagships and a Quarterly track for everything else, including the A-series and rugged XCover models, a split laid out on Samsung’s own security scope page.

Model Regions So Far Firmware Build Update Tier
Galaxy A56 Russia, Brazil A566EXXSCCZG6 Quarterly
Galaxy A25 Puerto Rico A256U1UESCEZG1 Quarterly
Galaxy XCover 7 Vietnam, Thailand, Philippines G556BXXSHEZG2 Quarterly (rugged)

Samsung has not published a device-by-device order for this rollout, and none of the three has landed yet in major Western markets like the US, UK or wider Europe. The company’s own guidance is to check manually under Settings, then Software update, then Download and install, on a stable Wi-Fi connection with the battery above 40 percent.

Which Flaws Does This Patch Actually Close?

Samsung’s July release fixes 57 security vulnerabilities in total: 41 tracked through Google’s Android Security Bulletin and 16 that Samsung calls its own Vulnerabilities and Exposures, or SVEs. Five are rated critical and 42 combined are high severity, spanning devices on Android 14, 15 and 16.

  • CVE-2026-27280 – an out-of-bounds write in Adobe’s DNG imaging software kit; opening a rigged DNG photo file could let an attacker run code on the phone.
  • CVE-2026-28590, CVE-2026-28618, CVE-2026-28639 – Google’s other three critical fixes, touching core Android system components and the Media Framework.
  • CVE-2026-33636 – an out-of-bounds flaw in the libpng library on Arm-based chips, which can crash a device or expose data through a crafted image.
  • KnoxGuardManager fix – closes a bug that let a local attacker bypass the phone’s anti-theft persistence settings.
  • Samsung Pass fix (version 5.2.10.3) – patches improper input validation that could let a privileged local attacker write data outside allowed memory.

None of the disclosed flaws are remotely exploitable without some form of local access, and Samsung has not detailed proof-of-concept exploits for the five critical CVEs. That is standard practice; withholding specifics buys users time before attackers can reverse-engineer the fix.

Flagships Still Go First

Galaxy S26 Ultra owners in the Philippines were confirming the July patch as early as July 5, on Samsung’s own user community forum. By July 13, coverage showed the update had gone global for the whole S26 series. The A56 in Russia and Brazil, by contrast, did not start until the middle of the month.

That gap is not new for phones on the Quarterly tier, but it is not the whole picture either. A GalaxyClub study, reported by SamMobile as beating Samsung’s own promise, found mid-range Galaxy A phones released since 2022 have often received updates closer to every two months, well ahead of the quarterly minimum, at least in the European market it tracked.

So the A56, A25 and XCover 7 sit last in this month’s queue, but they are not being ignored over time. They are simply patched on a different clock than the phone that launched Samsung’s current flagship line.

This Same Slowdown Has Happened Three Times This Year

Rollout lag tied to a big Samsung launch is a pattern, not a one-off. It showed up earlier this year, more than once, and it is showing up again now.

  1. February 2026: Samsung’s monthly patch for non-flagship models ran late as engineering focus shifted to Galaxy S26 launch preparations, with only One UI 8.5 Beta 4 testers getting it on schedule.
  2. March 2026: that month’s rollout moved slower than usual, tied to ongoing One UI 8.5 beta testing ahead of a stable release.
  3. April 2026: Samsung skipped March’s patch for the Galaxy S26 lineup entirely and jumped straight to April’s fixes.
  4. June 2026: the June patch, covering 45 vulnerabilities, rolled out on schedule starting June 10 with the S26 series in Korea before reaching Europe and India by June 15.
  5. July 7, 2026: Samsung published this month’s bulletin detailing the 57 fixes described above.
  6. July 22, 2026: Samsung’s Unpacked event in London is set to debut new foldables and One UI 9, pulling the spotlight away from patch rollouts again.
  7. September 2026 (expected): a stable One UI 9 build is projected to begin reaching the S26, Z Fold 7 and Z Flip 7.
  8. Q4 2026 (expected): mid-range A, M and Tab models, the same tier as the A56, A25 and XCover 7, are projected to follow.

Sammy Fans reported that February’s patch was delayed by Unpacked prep, the same dynamic now playing out five days before this year’s summer event. Forbes separately confirmed June’s patch closed 45 vulnerabilities on a normal schedule, which shows the slowdown tends to cluster around launch windows rather than happening every month.

Samsung’s rugged and wearable lines have run into their own timing trouble before, too. A critical January patch that reached India months late hit the Galaxy Watch 6 earlier this year, a reminder that devices outside the core S and Z lines routinely wait longer for fixes than the flagships do.

One UI 9 Arrives July 22, Not for the A56

Samsung’s Galaxy Unpacked event lands July 22 in London, where the company is expected to unveil the Galaxy Z Fold 8, Galaxy Z Flip 8 and new wearables alongside the official debut of One UI 9, built on Android 17. The show includes a wider foldable aimed squarely at Apple’s iPhone, part of a lineup whose pricing has moved amid shrinking pre-order perks as memory prices climbed.

One UI 9 has been running in beta on the Galaxy S26 series since mid-May. A stable build is projected to reach the S26, Z Fold 7 and Z Flip 7 around September, with more than 60 devices eventually qualifying for the update. Mid-range A, M and Tab models are projected to follow through the fourth quarter, months after the phones getting the spotlight this month.

There is one wrinkle. Forbes confirmed the Galaxy A56 already joined One UI 9 beta testing, alongside the A35, A57, A37 and M34. Getting a security patch last this month does not necessarily mean getting the next operating system last too, but the phones that led this month’s rollout, the S26 and the coming Z Fold 8, are still the ones Samsung is building its next two weeks of headlines around.

Frequently Asked Questions

How do I check if my Galaxy A56, A25 or XCover 7 has the July update?

Open Settings, tap Software update, then tap Download and install, while connected to stable Wi-Fi with the battery above 40 percent. Manual checking will not push the update early; it only surfaces the patch once Samsung’s server-side rollout has actually reached your specific model and region.

What is the difference between an ASB fix and an SVE fix?

ASB stands for Android Security Bulletin, Google’s monthly list of operating-system flaws that every Android maker, including Samsung, must patch. SVE stands for Samsung Vulnerabilities and Exposures, the company’s own tracking system for bugs found in its Galaxy-specific software, like One UI, Knox and Samsung’s own apps.

When will the Galaxy A56 and XCover 7 get One UI 9?

Samsung projects mid-range A-series and rugged models to receive a stable One UI 9 build sometime in the fourth quarter of 2026, well after the September rollout planned for current flagships. The Galaxy A56 is already inside Samsung’s One UI 9 beta program, though beta access does not guarantee an early stable release.

Is the July 2026 patch available in the US or UK yet?

As of this writing, confirmed regions for the A56, A25 and XCover 7 are limited to Russia, Brazil, Puerto Rico, Vietnam, Thailand and the Philippines. Samsung has not confirmed a timeline for the US, UK or wider Western Europe, though its past rollouts typically expand within one to two weeks.

What is the most serious vulnerability this patch fixes?

The most notable is CVE-2026-27280, a flaw in Adobe’s DNG imaging software kit that could let an attacker run code on a device simply by getting the user to open a manipulated image file. It is one of five vulnerabilities Samsung rates critical this month.

As the founder of Thunder Tiger Europe Media, Dr. Elias Thornwood brings over 25 years of experience in international journalism, having reported from conflict zones in the Middle East, Asia, and Africa for outlets like BBC World and Reuters. With a PhD in International Relations from Oxford University, his expertise lies in geopolitical analysis and global diplomacy. Elias has authored two bestselling books on European foreign policy and received the Pulitzer Prize for International Reporting in 2015, establishing his authoritativeness in the field. Committed to trustworthiness, he enforces rigorous fact-checking protocols at Thunder Tiger, ensuring unbiased, evidence-based coverage of worldwide news to empower informed global audiences.

Continue Reading
Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Trending