How to Check if Your Android Device is Vulnerable to Heartbleed

By @judithaparri on
The Canada Revenue Agency website is seen on a computer screen displaying information about an internet security vulnerability called the "Heartbleed Bug" in Toronto, April 9, 2014. Right in the heart of tax-filing season, the Canada Revenue Agency (CRA) shut down access to online tax services on April 9, 2014 because of an Internet bug that has made data on many of the world's major websites vulnerable to theft by hackers. REUTERS/Mark Blinch

Millions of Android devices could be vulnerable to the Heartbleed bug. If you are an Android user, you might already have been attacked.

The bad news is that the infamous bug is not quitting yet. The security bug might already have been on your favorite Web sites and even affect mobile devices, baring your sensitive login details such as passwords. Heartbleed lets anyone get into a Web site and easily access its contents, passwords and encryption keys.

Web sites have their own way of protecting their contents against any attacker such as a virus, hacker or spammer who could simply make a mess out of the online contents, read confidential data or eavesdrop on communications like emails and chats.

One security method, used by Web sites called OpenSSL, has a version vulnerable to attack and anyone exploiting the bug can leave without a trace. This means those who have ever used any of these vulnerable OpenSSL versions were not secure.

As in the part of Google, it has announced its key services are patched, and cited Android to be unaffected, except those running Android 4.1.1 Jelly Bean. This mobile OS version was released in 2012 and still being used by famous mobile devices like tablets and smartphones manufactured by Samsung, HTC Corporation and other OEMs.

According to statistics, 34 percent of Android units are using 4.1 OS variations. Google said out of active Android devices, less than 10 percent are susceptible and there are 900 million devices worldwide that run Android.

Google already sent a fix to its partners. The trouble is, however, if its partners have already implemented it with carriers testing and updates. The partners and carriers hopefully are fixing this quickly with all the issues of Heartbleed in circulation these days.

You can check yourself if your Android unit is at risk. Find out what Android version is running on your device. Go to Settings -> About Phone. Also, Lookout, a security firm, released a free app to help you check if your device is vulnerable to Heartbleed and give you results. The downloadable app is called Heartbleed Detector.

If your device is affected, you need updates that bring in the fix. Check for those in Settings -> About -> Software update.

Join the Discussion