“Millions of smartphones and tablets running Google Inc.’s Android operating system have the Heartbleed software bug, in a sign of how broadly the flaw extends beyond the Internet and into consumer devices,” Jordan Robertson reports for Bloomberg News. “While Google said in a blog post on April 9 that all versions of Android are immune to the flaw, it added that the ‘limited exception’ was one version dubbed 4.1.1, which was released in 2012.”

“Security researchers said that version of Android is still used in millions of smartphones and tablets, including popular models made by Samsung Electronics Co., HTC Corp. and other manufacturers,” Robertson reports. “Google statistics show that 34 percent of Android devices use variations of the 4.1 software. The company said less than 10 percent of active devices are vulnerable. More than 900 million Android devices have been activated worldwide.”

Robertson reports, “‘One of the major issues with Android is the update cycle is really long,’ said Michael Shaulov, chief executive officer and co-founder of Lacoon Security Ltd., a cyber-security company focused on advanced mobile threats. ‘The device manufacturers and the carriers need to do something with the patch, and that’s usually a really long process.’ Christopher Katsaros, a spokesman for Mountain View, California-based Google, confirmed there are millions of Android 4.1.1 devices.”

Read more in the full article here.

Related articles:
Apple’s iOS, OS X don’t have Heartbleed bug but Android and BlackBerry’s BBM do – April 11, 2014
Apple on ‘Heartbleed’ bug: iPhone, iPad, Mac and iCloud unaffected – April 10, 2014
What to do about Heartbleed, a gaping security hole affecting 66 percent of the Internet (at least) – April 9, 2014