Remember the HTC EVO LTE? Sprint does, at least to some degree. The carrier is sending out a small software patch for the phone, reportedly removing a vulnerability from the infamous Heartbleed SSL security bug. Unpatched versions of Android 4.1.1 (and only 4.1.1) are vulnerable to Heartbleed, so EVO LTE owners probably want to get on that right away.

heartbleed

Heartbleed's relationship to Android is a little strange: it affects Android 4.1.1, but not earlier versions of Jelly Bean 4.1, and not later versions of any release, either, so the number of active phones and tablets at risk is comparatively small. Downloaded apps might also be vulnerable (regardless of your Android software build). You can check your vulnerabilities with this handy Heartbleed Scanner app.

Of course, the fact that they're at least partially protected from the biggest security threat on the Internet probably isn't much of a comfort for EVO LTE owners, since they're still running a version of Android that's almost two years out of date. An upgrade to 4.3 (only ten months old!) should be coming at some point, at least if this page from HTCDev has any merit. Hey EVO LTE owners, you know there are CyanogenMod 11 builds available, right?

If you've got a stock phone, you know the drill: wait for the 3.17.651.5 OTA alert or check manually in your settings menu. Those with rooted software and/or custom recoveries need not apply.

Source: Sprint Support