Patching up Android to make sure it’s not vulnerable to Heartbleed is one thing. Patching all vulnerable Android apps, on the other hand, is quite another. Re/code draws our attention to a new study from research firm FireEye that claims there have been around 150 million downloads of Android apps that are vulnerable to the Heartbleed bug. And to make matters worse, the researchers say that the assorted “Heartbleed detectors” you can now find in the Google Play store will do little to help you root out vulnerable apps you’ve downloaded. “Android apps frequently use native libraries, which either directly or indirectly leverage vulnerable OpenSSL libraries,” the researchers write. “Therefore, even though the Android platform itself is not vulnerable, attackers
More...
Bookmarks