Although Google has already created a fix to the Heartbleed security flaw, millions of older Android smartphones remain vulnerable to hacking. Many devices running Google’s 4.1.1 Jelly Bean version of the mobile OS have yet to receive an update that protects them from data theft.
Users in Germany are nearly five times at risk than US users, according to Lookout Inc. Security researcher Marc Rogers. The mobile security expert told Bloomberg that this is because a particular device running Android 4.1.1 is far more popular in Germany.
Last Wednesday, the Google Online Security Blog posted a security update, claiming that Android users were safe “with the limited exception of Android 4.1.1”. However, the ‘limit’ of this exception could impact up to ten million users worldwide.
Google has yet to officially announce how many of its users remain at risk from the Heartbleed security flaw. According to official Google statistics released earlier this month, 34.4% of Android’s 900 million worldwide users still use Android 4.1.x.
Beyond Android, security firms claim that dozens of Android and iOS apps, such as BlackBerry’s messaging app, remain vulnerable to Heartbleed.