The Heartbleed bug has potentially affected millions of internet users across the world in the last few days, garnering a large amount of press coverage at the same time. While much of this has focussed on regular, computer-based web use, many smartphone owners are understandably concerned that their devices could be affected too. Does this fear have any basis in reality?
In short, only a small number of smartphones are at risk. Google has published a blog post saying that only handsets running Android 4.1.1 could be affected by the bug and that all others are fine. Worldwide, Google says that this accounts for less than 10% of devices running the search giant’s platform, although this could still add up to around 50 million phones.
As for a fix for the problem, Google says “patching information for Android 4.1.1 is being distributed to Android partners”. In a similar way to other Android updates, the time at which they will be pushed out to handsets depends on the manufacturer.
Heartbleed exploits a flaw in a popular piece of software called OpenSSL, which is used by many websites to transfer secure information to and from users. While the bug may not end up affecting as many people as the initial hysteria surrounding it suggested, it may be a good idea to change your passwords, especially for services which may have been vulnerable to Heartbleed.
News and social blog, Mashable, has compiled a comprehensive list of them, and you can take a look at our more general tips on smartphone security while you’re at it.