Samsung says most of its users have Knox enabled by default and will get a prompt to apply a new security policy automatically. The company is also working on issuing an expedited firmware update to protect devices that don't have Knox enabled already.

You can make sure your phone is ready to receive the security update by following Samsung's instructions below:

Go to Settings > Lock Screen and Security > Other Security Settings > Security policy updates, and make sure the Automatic Updates option is activated. At the same screen, the user may also click Check for updates to manually retrieve any new security policy updates.

So what happened? NowSecure noted Samsung's implementation of SwiftKey's predictive keyboard left a major opening for an exploit. The firm also made it clear the issue doesn't affect SwiftKey's standalone apps -- it was entirely Samsung's fault, since it gave SwiftKey's keyboard privileged user status on all of its devices.

Even worse, TechCrunch notes that Samsung was warned about the exploit months ago by NowSecure. At the time, it told the security firm that a fix was already sent to carriers. But after NowSecure discovered Galaxy S6 phones from Verizon and Sprint were still vulnerable, it decided to announce the vulnerability at a hacker conference, forcing Samsung to respond.