The Heartbleed Bug Is Still Affecting Millions Of Android Devices
Carlos Barria/Reuters
On its official blog, the search engine giant said that all versions of Android are immune to the bug-except for one, which happens to be among the most widely used iterations of the software.
First spotted by Bloomberg, Google's blog post says that Android 4.1.1 Jelly Bean is susceptible to Heartbleed, a bug that can trick a server into spilling out data from its memory. According to the most recent statistics from Google, Android 4.1 accounts for 34.4 percent of handsets powered by Android.
Of these devices, however, it's unclear exactly how many are running on the sub-version 4.1.1. Google's statistics only specify the market share percentage for Android 4.1 Jelly Bean, but there are a few newer versions of that software including version 4.1.1, which is said to be vulnerable to the bug, and version 4.1.2.
Security researchers have reportedly told Bloomberg that Android 4.1.1 is still used in millions of smartphones and tablets, including some made by Samsung and HTC. Google spokesperson Christopher Katsaros also confirmed to Bloomberg that there are millions of devices running on the affected software.
Since version 4.1.1 Jelly Bean debuted in 2012, its likely to be found on older Android smartphones that are updated less frequently than the newer flagships.
The process of updated Android smartphones can sometimes take a long time because the update must first be approved by specific device manufacturers (i.e. Samsung, LG, etc.) before rolling out to the carriers (Verizon, Sprint, etc.). It then must be approved by the carriers before it reaches your smartphone.
Google's own devices (i.e. the Nexus 5 and Nexus 10 tablet), or any handsets running on pure Android such as Samsung and HTC's Google Play edition smartphones, are usually the first priority when it comes to receiving software updates.
To check which version of Android your device is running, head over to the Settings Menu and navigate to the About Phone option. This will tell you what version of Android is currently running, and you can usually check for software updates from here as well.
Verizon has told Bloomberg that it is "working with device manufacturers to test and deploy patches to any affected device on our network running Android 4.1.1."
The Heartbleed bug was discovered earlier this month by Google Security's Neel Mehta and a team of engineers at Finnish security firm Codenomicon. The flaw affects a version of OpenSSL, an encryption standard used by a huge chunk of the Internet, and it can trick a server into copying information from its memory without realizing it. The vulnerability is so difficult to detect because it strikes at such an early stage in communication between servers, Codenomicon told Business Insider.
- I quit McKinsey after 1.5 years. I was making over $200k but my mental health was shattered.
- Some Tesla factory workers realized they were laid off when security scanned their badges and sent them back on shuttles, sources say
- I tutor the children of some of Dubai's richest people. One of them paid me $3,000 to do his homework.
- Why are so many elite coaches moving to Western countries?
- Global GDP to face a 19% decline by 2050 due to climate change, study projects
- 5 things to keep in mind before taking a personal loan
- Markets face heavy fluctuations; settle lower taking downtrend to 4th day
- Move over Bollywood, audio shows are starting to enter the coveted ‘100 Crores Club’