How to tell if your Android device is vulnerable to Heartbleed

Believe it or not, some Android devices are susceptible to the Heartbleed bug. Here’s what you need to know.

heartbleeddetectorandroid.jpg
Jason Cipriani/CNET

The Heartbleed bug just doesn't quit. When Google announced it had patched its key services, it also mentioned Android was largely unaffected, with one (big) exception -- devices running Android 4.1.1.

The good news is Google has already sent a patch to its Android partners. The bad news? Now we have to wait for those partners to implement it, followed by carriers testing and pushing out the update. Android users know how slow this process can be. Hopefully with the critical nature of the Heartbleed bug, and the attention it's received, these partners and carriers will work quickly to get the fix out.

In the meantime, to verify if your Android device is at risk, security company Lookout has released a free app. The app, called Heartbleed Detector, scans your device and reports the results. I have yet to find a device that doesn't report that the offending version of OpenSSL is present, however if it isn't enabled, as in the photo above, then your device is not at risk.

Right now, if your device is affected, there's not much you can do other than wait for an update. You can typically check for updates by going into Settings > About > Software update.

Download Heartbleed Detector to check your device.

About the author

Jason Cipriani has been covering mobile technology news for over five years. His work spans from CNET How To and software review sections to WIRED’s Gadget Lab and Fortune.com.

 

Join the discussion

Conversation powered by Livefyre

Don't Miss
Hot Products
Trending on CNET

CNET's Christmas Gift Guide

Under pressure? These will deliver on time

With plenty of top-notch retailers offering digital gifts, you still have time to salvage your gift-giving reputation.