Update from April 12: It has been confirmed (via 4Kfilm.de) that all LG models running the webOS versions listed below are affected (not just the TV models listed below). If you own an LG TV from 2019 onwards, it is affected by security vulnerabilities and you should download the latest software update.
If your LG TV is running webOS versions 4 to 7, you might have heard the recent report that it was vulnerable to a serious hack. Bitdefender raised concerns yesterday (April 9) that the vulnerability – which affects LG TVs and its commercial signage monitors too – enabled hackers to gain root access to the operating system, effectively giving them full and unlimited access to the TV or monitor.
Thankfully, LG has now confirmed that the security vulnerabilities have been patched in a recent update. The TV maker told TechRadar that "LG was aware of the issue, and all necessary patches have now been completed. We can confirm LG smart TVs are safe and security is our highest priority. Customers are advised to enable automatic software updates".
Bitdefender says it notified LG of the problem in November 2023 and that a patch was released on March 22, 2024. These are the operating systems and LG TVs that Bitdefender says were potentially compromised. If one of them is yours, you really need to download the latest software patch or at least, set automatic updates like LG suggests.
Which LG TVs are currently vulnerable to a serious hack?
According to Bitdefender, the vulnerability can be found in the following OS versions and TV models:
- webOS 4.9.7 - 5.30.40 running on LG43UM7000PLA
- webOS 5.5.0 - 04.50.51 running on OLED55CXPUA
- webOS 6.3.3-442 (kisscurl-kinglake) - 03.36.50 running on OLED48C1PUB
- webOS 7.3.1-43 (mullet-mebin) - 03.33.85 running on OLED55A23LA
LG has created patches for all four vulnerabilities, and you can download them via the settings menu of your set. It's important to make sure that you update your set if you're potentially affected because it will stop online villains from accessing your installed apps, logged in account details and even attached webcams.
Some of the commentary around these vulnerabilities has been a little overwrought, with suggestions that we should disconnect all our TVs from the internet or replace them with TVs that don't have smart features. But that's hardly sensible or practical, as of course online features are a big part of the reason people buy these TVs in the first place.
What the news does demonstrate, though, is that we need to remember that internet-connected anythings need to be kept up to date – something that applies just as much to the best TVs as it does to PCs.