‫ Lagging Android devices vulnerable to Heartbleed

Date: 2014-04-12

According to “zdnet”, client-side applications can be vulnerable too, not just servers — particularly those running on Android 4.1.x.

Google yesterday confirmed Android 4.1.1, Jelly Bean, was affected by the flaw and it was developing a patch and distributing it to Android partners.

It's not clear how many Android 4.1.1 devices exist but according to Google's Android distribution dashboard 4.1.x accounts for about 35 percent of all Android devices.More than one-third of operational Android devices are still running version 4.1.x, Williams said.

Unlike most Linux distributions, which the researchers praised for issuing OpenSSL patches promptly, they were scathing of Android for the availability of patches being "a little bit less than desired", as Williams put it.

Lyne warned that criminals are starting to take advantage of Heartbleed's high media profile.

"Through today, the cyber criminals really wised up to the fact that this was an interesting topic for the mainstream media, beyond being an interesting bug. So we've started seeing lots of spam messages about Heartbleed being used as a mechanism to distribute other malicious code and scams." he said.

Related Links:

Heartbleed flaw affects mobile apps

Cisco, Juniper products affected by Heartbleed

'Heartbleed' bug in OpenSSL puts encrypted communications at risk


بدون نظر
شما برای نظر دادن باید وارد شوید


تاریخ ایجاد: 23 فروردین 1393



امتیاز شما
تعداد امتیازها:0