Number: IRCNE2014062226
Date: 2014-06-24
According to ZDNet, two months after the Heartbleed bug was discovered, at least 300,000 servers remain vulnerable to the exploit.
Heartbleed, discovered by a Google engineer, caused widespread panic and a furious round of server patching by companies worldwide. The flaw affects OpenSSL and, if exploited, can leak account login details and passwords.
Once Heartbleed was publicized, security researcher Robert David Graham from Errata Security found that roughly 600,000 servers were vulnerable to the security flaw. One month later, half of these servers had been patched and protected against Heartbleed, and only 318,239 were left exposed.
The security researcher says this stagnation means people have stopped even trying to patch systems, and there should be a "slow decrease" in the number of vulnerable systems as older servers are replaced.
"Even a decade from now, though, I still expect to find thousands of systems, including critical ones, still vulnerable," Graham says.