Heartbleed flaw is the argument that most of all is capturing the attention of the media in this period, billions of users worldwide have been impacted, there are thousands solutions affected by the vulnerability. Just yesterday I wrote about the impact of Heartbleed vulnerability publicly disclosed by two giants of the IT, CISCO and BlackBerry, which informed their customers that different solution are affected by the threatening flaw. As reported by many sources, the Heartbleed has a significant impact also on mobile users unaware of the incumbent threat. Numerous servers were exposed to serious risks due Heartbleed flaw, same servers are accessed by mobile user enlarging the surface of exposure caused by the flaw in the OpenSSL library. Let’s consider the Android platform, Google issued a specific blog post to reassure its users highlighting that Android OS was not vulnerable to the Heartbleed bug, except for a single version as explained in the following statement:
“Android – All versions of Android are immune to CVE-2014-0160 (with the limited exception of Android 4.1.1; patching information for Android 4.1.1 is being distributed to Android partners). We will continue working closely with the security research and open source communities, as doing so is one of the best ways we know to keep our users safe.”
But the version mentioned by Google, the Android 4.1.1 Jelly Bean, is probably today the most widespread version (34.4% of the Android devices, which means that at least 344 Millions of mobile suffer the vulnerability) and it uses the vulnerable version of OpenSSL.
Are you an Apple user?
“Apple takes security very seriously. IOS and OS X never incorporated the vulnerable software and key web-based services were not affected,” an Apple spokesperson told Re/code.
anyway according the company BlackBerry Smartphones neither BlackBerry Infrastructure aren’t affected by the flaw. According TheHackerNews security portal the overall number of affected users is nearly 80 million people, exactly the number of BlackBerry Messenger service users.
(Security Affairs – Heartbleed, mobile)
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.