Google announced, last week, that customers of its Google Cloud Platform, Google Search Appliance, or anyone not running the latest version of Android, (4.1.1), are vulnerable to the Heartbleed bug. This security risk can leave a user wide open to hackers who can steal personal information, passwords and documents with no trace of ever doing so.
- More details on Google’s Heartbleed patches can be found here: Google Services Updated to Address OpenSSL CVE-2014-0160 (the Heartbleed bug)
- There is an app available to Android users that will notify if you are vulnerable to Heartbleed, which can be downloaded here.
- Alyssa Bereznak, of Yahoo tech news, has a comprehensive list of infected sites that can be found here.
As patches are still being implemented as of 4/14/14, be sure to watch your emails for ones asking you to update your password. These comapnies have already secured themselves against the Heartbleed bug and will probably notify you of this in the email. It is not advised to change passwords until notifications go out for two reasons:
- Not all servers/sites are affected
- Changing passwords before the patches are installed will only jeopardize your new password.
Matt Rohnkohl
Owner at designSolutionPros
