Printed from http://www.electronista.com

Heartbleed vulnerability still found in over 300,000 SSL servers

updated 07:45 pm EDT, Thu May 8, 2014

Researcher finds decrease in vulnerable systems from previous month

Security researcher Robert Graham announced on the Errata Security blog that over 300,000 servers remain vulnerable to the Heartbleed bug, according to a recent scan done of Internet systems. The number marks a decrease from the previous month's scan, which numbered over 600,000 systems.

Graham found the number by running an open scan on port 443 on IPv4 addresses in order to get an estimate of systems that have yet to address the heartbeat exploit in OpenSSL. During the scan, Graham had only found 22 million systems confirming support of SSL. The previous scan had produced 28 million systems with an SSL handshake.

The scan also produced 1.5 million systems that supported the heartbeat protocol, yet Graham's previous scan produced only 1 million systems that were supporting the feature. While the number of systems using the protocol increased, the percentage of systems still vulnerable to exploits by the Heartbleed bug have drastically decreased from roughly 60 to 20 percent. According to Graham, the reasoning behind the scan results increasing are that "the first response of the bug was to disable heartbeats, then later when people correctly patched the software, heartbeats were re-enabled."

Even though a large majority of systems have been fixed since April when Heartbleed was at its peak, the new study shows a large number of services have still yet to take the concern seriously enough to attempt a fix. The numbers may be even larger, considering the results were based on a specific port and addressing set.



By Electronista Staff
Post tools:

TAGS :

toggle

Comments

Login Here

Not a member of the MacNN forums? Register now for free.

toggle

Network Headlines

toggle

Most Popular

Sponsor

Recent Reviews

SMS Audio Sync Sport on-ear headphones

When hitting the gym or going out for a trail run, headphones can cause a number of problems. From the ear buds getting slimy with swe ...

Adesso Xtream S3B Bluetooth speaker

Finding a speaker purpose-built for a specific need is challenging. Even when a Bluetooth speaker can be paired with a mobile device, ...

JBL Synchros E40BT headphones

For all the different configurations of headphones on the market, it's always a tough choice for buyers to get something that is just ...

Sponsor

toggle

Most Commented

 
toggle

Popular News