Heartbleed is now a renowned name in the cyber world. And since its inception this bug has affected millions of websites. Now all of you may be aware of OpenSSL Heartbleed Bug “CVE-2014-0160”. For website owner we have already provided the solution to fix Heartbleed. This bug has also infected Android Operating Systems.
Not even mobile platforms like Android, Blackberry, and IOS are safe from this serious bug. Google had announced that its android Jelly Bean OS 4.1.1 is also vulnerable to Heartbleed bug.
The good news is Google has released its patch on 9/4/2014 and distributed to the android partners to protect users unable of running recent OS versions.
However, manufacturers have not released this new patch, so users are still at risk. Google statistics revealed that only 10% of users have Android 4.1.1 jelly Bean, but in real almost 1 billion users have jelly Bean OS in their Smartphones. Therefore, users have to wait for the recent Heartbleed fix.
Lookout – A Heartbleed Scanner Application:
Lookout, a security firm has made an app named “Heartbleed Security Scanner” is available on Google Play Store that will reveal, whether your Smartphone is vulnerable to Heartbleed bug or not. After installing app on your android device, you have to click on it, and the app will scan your device.
- If your device is infected with Heartbleed bug, and the behavior is suspicious, then it will show an orange yellow mark on the screen shown in below image-1.
- If your device is safe from Heartbleed bug, then the screen will look like in Image-2.
- If the device has suspicious behavior and is infected with Heartbleed bug, it will show an orange yellow mark on the screen shown in below image-3
- However, image-1 and Image-2 shows positive result but image-3 shows negative result.
The application finds out about the OpenSSL version that the device is using, and then verifies that device is affected with specific Heartbleed bug or not.
Models that will remain vulnerable:
However, there are SmartPhones like HTC One S, Sony Xperia J, and Asus PadFone 2 that released last year unable to surpass Android 4.1.1 Jelly Bean.
What did Smartphone Manufacturers Say?
- HTC said in its statement, “Privacy and security are important to HTC and we are committed to helping safeguard our customers’ devices and data”. “We are currently working to implement the security patch issued by Google this week to the small number of older devices that are on Android 4.1.1.”
- Asus said, the company will release the update in near time but did not specify the date of update release.
- Blackberry said, the company will release a patch for Heartbleed on 19/4/2014, and added that there are minor possibilities for hackers to pinch user data on Blackberry device.
Security firms warned that many users access thousands of apps on Google Play store and IOS App Store and even Blackberry’s BBM application need to be fixed Heartbleed bug.