Millions of Devices With Android Version 4.1.1 “Jellybean” Vulnerable to Heartbleed

 Wikimedia Commons image

Wikimedia Commons image

We know by now that many popular sites were recently affected by the Heartbleed bug vulnerability, but according to an announcement by Google on April 9, 2014, devices running Android 4.1.1 (aka “Jellybean”) are not immune to the vulnerability. According to Christopher Katsaros, spokesperson for Google, there are millions of Android 4.1.1 devices.

The affected version was released in 2012 and is estimated to be running on more than a third of Android devices, according to Android.

Verizon spokesperson Albert Aydin reported in an email that “other mobile operating systems we offer are not affected by this vulnerability” and they have “no reason to believe that the issue has resulted in any compromise of Verizon customer accounts, websites, or data.”

Microsoft Corp. has reported that Windows and Windows Phone operating systems and most services are not impacted by Heartbleed.

How to Check Your Device

Go to Settings ->About Phone to confirm your version and check for updates. An app is also available to scan your device for the vulnerability.

According to Google’s announcement, “patching information for Android 4.1.1 is being distributed to Android partners.” While Google has provided a patch, it is up to handset makers and wireless carriers to update the devices.


What do you think?

Please log in using one of these methods to post your comment: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s