heartbleed bugIt turns out that the Heartbleed bug that possibly exposed users of many websites, which have since patched the bug, is now affecting about 34 percent of Android devices, according to a Google blog post and the company’s statistics. Even though Google was able to patch most of its products affected by Heartbleed, such as Gmail and other versions of the Android operating system, it still has not been able to release a patch for the widely-used Android operating system called Android 4.1.1 Jelly Bean.

What is the Heartbleed bug?

Heartbleed is a flaw that allows third parties to gain access to information that users enter into encrypted websites on OpenSSL, one of the most popular sets of encryption tools. This bug was estimated to have impacted half a million websites, including Google, Yahoo and others. See a complete list of websites affected with the Heartbleed bug.

How can I check if my device is affected?

There are a couple of routes you can go to verify the security of your device, including checking the version of your device’s operating system or using an app to help you determine if your device is vulnerable to the Heartbleed bug. To check your device for yourself, go to the “Settings” menu on your device, then select the “About device” tab. There you’ll be able to see which version of the Android operating system you have on your phone. For example, the screenshots of the Samsung Galaxy S4 below show that the device is running on Android 4.4.2 KitKat, which means the device is safe from the Heartbleed bug.

Heartbleed bug

An alternative route to checking your device for yourself is to download the Lookout Mobile Security’s “Heartbleed Detector” app from the Google Play Store. This app will be able to tell you if your device runs on the version of OpenSSL infected with the Heartbleed bug, and if Heartbleed is enabled or not enabled on your operating system, letting you know that you do or do not need to take additional action.

What should I do if my devices run on that operating system?

Since Google has not released a patch for the Android 4.1.1 Jelly Bean operating system, you’ll want to update your operating system immediately. To do this, go to “Settings” then select “System Update.” There you will see any available updates for your device and be able to download them.

Are there other ways that I can protect myself from Heartbleed?

In addition to making sure your operating system is up to date, you should also make sure you change your passwords for any websites that have released patches for the OpenSSL flaw, which are listed here.

Learn more about identity theft and ways to protect yourself in every aspect of your life by visiting the identity theft protection blog.