Google and BlackBerry have both confirmed that aspects of their mobile software are affected by the Heartbleed bug.
Heartbleed, which became public last week, exploits a flaw in the OpenSSL software. OpenSSL is one of the options for protecting online information and preventing criminals from ‘listening in’ to internet traffic.
This flaw means that some websites were not effectively encrypting information despite displaying the ‘https’ prefix on apparently secure web pages. Apps, email and instant messaging can also be affected, with user names, passwords and content all vulnerable.
In a blog post, Google said that all versions of Android are immune to the Heartbleed bug with the exception of Android 4.1.1. It notes that information for a ‘patch’ is being distributed to its Android partners.
BlackBerry issued a security update that said its smartphones and tablets weren’t affected, although the BlackBerry Messenger (BBM) apps for iOS and Android are vulnerable, as is BlackBerry Secure Work Space for iOS and Android. It’s working on fixes for all these products.
Apple is reported to have said iOS didn’t incorporate the vulnerable software.