toggle

AAPL Stock: 109.27 ( -1.1 )

Printed from http://www.macnn.com

Heartbleed vulnerability still found in over 300,000 SSL servers

updated 07:45 pm EDT, Thu May 8, 2014

Researcher finds decrease in vulnerable systems from previous month

Security researcher Robert Graham announced on the Errata Security blog that over 300,000 servers remain vulnerable to the Heartbleed bug, according to a recent scan done of Internet systems. The number marks a decrease from the previous month's scan, which numbered over 600,000 systems.

Graham found the number by running an open scan on port 443 on IPv4 addresses in order to get an estimate of systems that have yet to address the heartbeat exploit in OpenSSL. During the scan, Graham had only found 22 million systems confirming support of SSL. The previous scan had produced 28 million systems with an SSL handshake.

The scan also produced 1.5 million systems that supported the heartbeat protocol, yet Graham's previous scan produced only 1 million systems that were supporting the feature. While the number of systems using the protocol increased, the percentage of systems still vulnerable to exploits by the Heartbleed bug have drastically decreased from roughly 60 to 20 percent. According to Graham, the reasoning behind the scan results increasing are that "the first response of the bug was to disable heartbeats, then later when people correctly patched the software, heartbeats were re-enabled."

Even though a large majority of systems have been fixed since April when Heartbleed was at its peak, the new study shows a large number of services have still yet to take the concern seriously enough to attempt a fix. The numbers may be even larger, considering the results were based on a specific port and addressing set.




by MacNN Staff

POST TOOLS:

TAGS :

toggle

Comments

Login Here

Not a member of the MacNN forums? Register now for free.

toggle

Network Headlines

Follow us on Facebook

toggle

Most Popular

Advertisement

Recent Reviews

Blue Yeti Studio

Despite being very familiar with Blue Microphones' lower-end products -- we've long recommended the company's Snowball line of mics ...

ZTE Spro 2 Smart Projector

Home theaters are becoming more and more accessible these days, but maybe you've been a bit wary about buying a home projector. And h ...

MSI Geforce GTX 970 100ME

When Nvidia announced a new line of video cards in September 2014, many people thought things would continue to be business as usual i ...

toggle

Most Commented