Click to Skip Ad
Closing in...
  1. Amazon Dash Smart Shelf
    15:16 Deals

    I’m obsessed with this Amazon gadget you’ve never heard of – and it&#821…

  2. Prime Day Deals 2021
    04:05 Deals

    Amazon Prime Day deals 2021: See hundreds of the best deals right here

  3. Prime Day Nest Thermostat Deal
    16:28 Deals

    The newest Nest Thermostat rarely goes on sale, but it’s $99.98 for Prime Day

  4. Prime Day Deals
    11:01 Deals

    Check these early Prime Day deals with prices so low, it’s like Amazon made a mistak…

  5. Prime Day Nintendo Switch Deals
    12:27 Deals

    Anyone with a Nintendo Switch needs to see this one Prime Day deal




Android apps vulnerable to Heartbleed have been downloaded 150 million times

April 23rd, 2014 at 8:45 PM
Android Apps Heartbleed Bug

Patching up Android to make sure it’s not vulnerable to Heartbleed is one thing. Patching all vulnerable Android apps, on the other hand, is quite another. Re/code draws our attention to a new study from research firm FireEye that claims there have been around 150 million downloads of Android apps that are vulnerable to the Heartbleed bug. And to make matters worse, the researchers say that the assorted “Heartbleed detectors” you can now find in the Google Play store will do little to help you root out vulnerable apps you’ve downloaded.

“Android apps frequently use native libraries, which either directly or indirectly leverage vulnerable OpenSSL libraries,” the researchers write. “Therefore, even though the Android platform itself is not vulnerable, attackers can still attack those vulnerable apps. They can hijack the network traffic, redirect the app to a malicious server and then send crafted heartbeats messages to the app to steal sensitive memory contents.”

Thankfully, there’s a silver lining to this: It looks like app developers are moving surprisingly quickly to patch their apps and to keep them safe from the Heartbleed vulnerability. When FireEye ran estimates on Android apps and Heartbleed vulnerabilities on April 10th, they found that apps vulnerable to the bug had been downloaded 220 million times. Just one week later when they ran their estimates on April 17th, that number had dropped to 150 million.




Popular News