New HeartBleed - is MIUI affected?


foroul

Members
13 Jul 2013
16
13
There were not too much communication about client side, but the OpenSSL HeartBleed bug can be exploited at client side too: a malicious website can reach all memory of the browser (including all previously used unencrypted passwords). Google say, some version of android 4.1.1 affected - unfortunately MIUI based on this version.

My question is simple: is MIUI affected or not?
 
Last edited:
Just test it! There are two tools in the playstore to test it! On my phone the tests has been positive. I am on a V5 (4.3.12).Has anyone a solution? Is it better to cut data transfer until it is patched?

Gesendet von meinem MI 2S mit Tapatalk
 
My device is affected too. Bug has to be reported to Xiaomi.
If we are lucky they update the binary, can take weeks
 
And some worried about Chinese back doors on this rom....
Glad it's being fixed ASAP. Oh wait, it isn't
 
No, it can exploited at client side too. In that case server can read all data in browser memory: for example cookies and passwords for other websites
 
  • Like
Reactions: cpasmoi
Version 4.5.9 is still infected. Has someone new infos to solve?

Gesendet von meinem MI 2S mit Tapatalk
 
Last edited:
Version 4.5.23 also! I can't understand that nobody is interested! Any statement from the devs? Solution? Hello!?

Gesendet von meinem MI 2S mit Tapatalk