Last week, we said that the best things you can do to help protect yourself from the Heartbleed vulnerability were to make sure you’re running a security suite like Titanium, keep an eye on your accounts for unusual activity, and change your passwords when you’re told to by website operators.
Today, we want to let you know about two tools we’ve just released that can help you better protect yourself from the Heartbleed vulnerability. These tools are meant to help you identify sites that are affected by the Heartbleed vulnerability so you can take more active steps to protect yourself.
The first tool we’re announcing is the Trend Micro HeartBleed Detector. This tool works with Google Chrome and is available for free through the Google Chrome Web Store here. It’s also available as a stand-alone webpage for everyone here. This is a simple tool that you can use to identify if a website is affected by the Heartbleed vulnerability. Just enter the URL of the site you want to know about, click “Check Now” and the app will tell you if the site is vulnerable or not. If a site is vulnerable, you should not use that site until you get instructions from the site operator that they’ve corrected the vulnerability and that you should now change your password.
The second tool we’re announcing is for Android mobile devices. This is a free app you can download from Google Play. This app will let you know when any of your installed apps are communicating with sites that are vulnerable to the Heartbleed vulnerability. It will also let you know if your Android phone or any of the installed apps are themselves vulnerable to the Heartbleed vulnerability. If an app is found to be vulnerable, it will offer to uninstall it for you. If the detector finds a website that is vulnerable, you should not use that site until you get the “all clear” from the website operator. You can get more details on this tool over at the Security Intelligence blog.
The risks around the Heartbleed vulnerability are decreasing every day. Website operators are making good progress in taking the necessary steps needed to address this issue. But there are reports now of active attacks compromising people’s information. And the issue will never go away entirely, so it’s a good idea to use these tools to help better protect yourself from this vulnerability.