More than 300,000 servers are still vulnerable to the Heartbleed bug as websites aren't bothering to patch it up. So far, only 9000 servers were patched last month, leaving behind plenty of vulnerable servers. We've known about Heartbleed for a while now, since security researcher, Robert David Graham, warned the Internet about the flaw.
At first Graham warned that 600,000 servers could be affected, just under half of those were patched, leaving behind 318,239 vulnerable systems. Graham checked in again over the weekend and found that at least 390,197 servers have still yet to be patched.
The security researcher is worried that this slow patching rate is a sign that smaller websites aren't bothering to fix the problem: “This indicates people have stopped even trying to patch. We should see a slow decrease over the next decade as older systems are slowly replaced. Even a decade from now, though, I still expect to find thousands of systems, including critical ones, still vulnerable.”
Progress will be tracked again next month and then again at the six month mark. After that, yearly checks will be made to see how many servers still need to update. We reported on Heartbleed last month and since then, we have also reported on the very first hacker to be arrested for exploiting the bug.
Discuss on our Facebook page, HERE.
KitGuru Says: Heartbleed is a big problem that opens up a lot of websites to exploitation. The worst part is that it was around for two years prior to the discovery and nobody said anything about it. However, that could also mean that not many hackers are even attempting to exploit the bug.
Source: The Inquirer