Google has revealed that the devices running on Android 4.1.1 are impacted the Heartbleed bug, which has been the talk of the town for the last few days. The same has been confirmed by the various security researchers.
With around 10 percent of the active Android devices running on Android 4.1.1, we are looking at millions on the consumers with a vulnerable Android device in their hands, however the situation is not dire. According to security researchers, targeting mobile devices is not as simple as targeting website servers and hackers will only be able to target a single Android device at a time. Still, there is risk for the vulnerable devices, so if your Android device is affected by heartbleed bug, you should not use it for sensitive information like bank transactions.
How to check if your Android device is affected by Heartbleed bug?
Download Lookout’s Heartbleed Detector or Bluebox’s Heartbleed Scanner apps, both of which will tell you if your Android device is affected by the bug. Bluebox’s Heartbleed Scanner also scans the applications on your Android device to check whether they contain their own openssl library, which might not be fixed. In such cases, you will have to contact the app developer to confirm.
Is there a fix for Heartbleed bug on Android?
Google has stated that it is distributing a patch for the bug to the Android manufacturers and they will be issuing an update, however it is totally up to the manufacturers to issue the update.
Further Reading: Want to read more about Heartbleed, here are some links:
HeartBleed.com, Bluebox blog post, BBC, Ars Technica