Samsung’s Secure Folder is a private space to store sensitive files, apps, or even photos on the Galaxy device. This has pin/pattern authentication, preventing intruders from accessing the space. However, a vulnerability from earlier this year let anyone see what’s inside it. Android Authority now reports that Samsung may fix the Secure Folder flaw with the upcoming One UI 8 release .

Samsung Secure Folder flaw lets anyone see sensitive information

To understand the flaw better, you need to know how Secure Folder works. Android “Profiles” are a sandboxed space that offers their own app data, separate from the main user profile. They share some system-wide settings and the same lifecycle. With Android 15, Google added a “Private” profile to support Google’s Private Space feature.

The Secure Folder, introduced by Samsung in 2017, was implemented as a “work profile.” However, this created an issue as some system components would improperly identify Samsung’s Secure Folder as a standard work profile. This is an issue since the Secure Folder is a much secure private environment, which some system components failed to recognise. This led them to unintentionally reveal the sensitive information inside the folder.

How is this possible, you ask? Google controls certain core components like Photo Picker and Permission. These components are designed in a way to recognize and hide content within Android 15’s “private” profiles. However, these don’t offer the same protection to “work” profiles. This is the reason for Samsung’s Secure Folder’s flaw, which revealed photos and other sensitive information.

One UI 8 may fix this vulnerability

One UI 8, based on Android 16 , will reportedly introduce a fix to this by reclassifying Secure Folder as a “private” profile. This change means that Google’s Photo Picker and Permission Controller now recognize it as a secure environment and actually hide the files and app information. This protection is also reportedly active only when the Secure Folder is fully hidden and not just closed. This move encrypts the data inside and stops it from running behind screens and even pushing notifications.

Samsung Secure Folder Update - 1

Android Authority also reports that Secure Folder still doesn’t fully integrate with third-party launchers. This is despite Google enabling Private Space support for third-party launchers in Android 15. It looks like Samsung hasn’t made the changes required for this.