New HeartBleed - is MIUI affected?


Jul 13, 2013
16
1
13
#1
There were not too much communication about client side, but the OpenSSL HeartBleed bug can be exploited at client side too: a malicious website can reach all memory of the browser (including all previously used unencrypted passwords). Google say, some version of android 4.1.1 affected - unfortunately MIUI based on this version.

My question is simple: is MIUI affected or not?
 
Last edited:
Dec 4, 2013
13
4
13
#2
Just test it! There are two tools in the playstore to test it! On my phone the tests has been positive. I am on a V5 (4.3.12).Has anyone a solution? Is it better to cut data transfer until it is patched?

Gesendet von meinem MI 2S mit Tapatalk
 

redmaner

translators.xiaomi.eu maintainer
Staff member
Jan 12, 2013
534
546
180
#3
My device is affected too. Bug has to be reported to Xiaomi.
If we are lucky they update the binary, can take weeks
 
Jul 13, 2013
16
1
13
#7
No, it can exploited at client side too. In that case server can read all data in browser memory: for example cookies and passwords for other websites
 
Likes: cpasmoi
Dec 4, 2013
13
4
13
#9
Version 4.5.9 is still infected. Has someone new infos to solve?

Gesendet von meinem MI 2S mit Tapatalk
 
Last edited:
Dec 4, 2013
13
4
13
#10
Version 4.5.23 also! I can't understand that nobody is interested! Any statement from the devs? Solution? Hello!?

Gesendet von meinem MI 2S mit Tapatalk