We know by now that many popular sites were recently affected by the Heartbleed bug vulnerability, but according to an announcement by Google on April 9, 2014, devices running Android 4.1.1 (aka “Jellybean”) are not immune to the vulnerability. According to Christopher Katsaros, spokesperson for Google, there are millions of Android 4.1.1 devices.
The affected version was released in 2012 and is estimated to be running on more than a third of Android devices, according to Android.
Verizon spokesperson Albert Aydin reported in an email that “other mobile operating systems we offer are not affected by this vulnerability” and they have “no reason to believe that the issue has resulted in any compromise of Verizon customer accounts, websites, or data.”
Microsoft Corp. has reported that Windows and Windows Phone operating systems and most services are not impacted by Heartbleed.
How to Check Your Device
Go to Settings ->About Phone to confirm your version and check for updates. An app is also available to scan your device for the vulnerability.
According to Google’s announcement, “patching information for Android 4.1.1 is being distributed to Android partners.” While Google has provided a patch, it is up to handset makers and wireless carriers to update the devices.