Saturday, April 12, 2014

Android Devices Are Vulnerable To Heartbleed Bug


Many Android Devices Are Vulnerable To Heartbleed Bug. Google recently reported that Android OS are vulnerable to Heartbleed Bug.

According to Google online security blog,
"We’ve assessed this vulnerability and applied patches to key Google services such as Search, Gmail, YouTube, Wallet, Play, Apps, and App Engine.  Google Chrome and Chrome OS are not affected. We are still working to patch some other Google services. We regularly and proactively look for vulnerabilities like this -- and encourage others to report them -- so that that we can fix software flaws before they are exploited.

If you are a Google Cloud Platform or Google Search Appliance customer, or don’t use the latest version of Android, here is what you need to know.

Cloud SQL
We are currently patching Cloud SQL, with the patch rolling out to all instances today and tomorrow. In the meantime, users should use the IP whitelisting function to ensure that only known hosts can access their instances.

Android
All versions of Android are immune to CVE-2014-0160 (with the limited exception of Android 4.1.1; patching information for Android 4.1.1 is being distributed to Android partners.
"

What is Heartbleed Bug?
The Heartbleed bug allows anyone on the Internet to read the memory of the systems protected by the vulnerable versions of the OpenSSL software.

The Heartbleed vulnerability exposed this week. Bug effected OpenSSL versions released in past two years. In vulnerable system, hackers can collect all encrypted data from a website's server before its deleted can say Zero day vulnerability.

According to report WSJ, Donations have picked up since Monday. This week, it had raised $841.70 as of Wednesday afternoon.

Check your server for Heartbleed Bug causing.
http://filippo.io/Heartbleed/
Enter a URL or a hostname to test the server for CVE-2014-0160

What is the CVE-2014-0160?
CVE-2014-0160 is the official reference to this bug. CVE (Common Vulnerabilities and Exposures) is the Standard for Information Security Vulnerability. 


Security Notice:
Some are websites also affected by Heartbleed Bug. You should change the passwords of your Email and Social Network accounts now. Mashable noticed Heartbleed hit list website affected.

0 on: "Android Devices Are Vulnerable To Heartbleed Bug"