Nov 21, 2024 | Updated: 11:35 AM EDT

Android Devices Hit By Heartbleed

May 02, 2014 10:58 AM EDT

There are currently millions of devices hit by the heartbleed bug with Google and Android. According to Bloomberg, millions of smartphones and tablets running Google Inc. (GOOG)’s Android operating system have the Heartbleed software bug, in a sign of how broadly the flaw extends beyond the Internet and into consumer devices.

The Heartbleed Bug is a serious vulnerability in the popular OpenSSL cryptographic software library. This weakness allows stealing the information protected, under normal conditions, by the SSL/TLS encryption used to secure the Internet. SSL/TLS provides communication security and privacy over the Internet for applications such as web, email, instant messaging (IM) and some virtual private networks (VPNs).

A List of Android Devices Hit by Heartbleed indicates some of the many areas which security is prone. Mobile devices are included, mobile devices running Android 4.1.1 (Jelly Bean) use the OpenSSL version with the Heartbleed bug. A Google spokesperson confirmed to Bloomberg that millions of devices in use today still run 4.1.1 Jelly Bean.

According to the blog, Android apps and apps may also be affected. App developers may have used the unsafe version OpenSSL, so even if the OS version on the user device is not vulnerable, installed apps may be impacted. 

Real Time Analytics