Cybersecurity

Two Months Later, Heartbleed is Still a Major Issue

igor.stevanovic/Shutterstock.com

When the knowledge of Heartbleed became public two months ago, the Internet went into a password-changing, server-adjusting tailspin. The vulnerability hit about 600,000 systems initially. In the first month, about half of these were patched, bringing it down to around 300,000 vulnerable servers. 

On Saturday, Errata Security did a scan to determine how many systems were still vulnerable. They found a staggering number — 309,197 systems remain affected by Heartbleed. So, basically, in the last month nothing has changed. 

Robert Graham at Errata Security found these vulnerabilities by scanning the port 443. Graham has not yet checked other ports, so perhaps more systems have been affected.

Graham believes "this indicates people have stopped even trying to patch." He will continue to track system vulnerabilities next month, at the six-month mark and yearly thereafter. 

Because of this, it is a good idea to install a Heartbleed detector on your own system. Chrome offers a great one, called Chromebleed.

(Image via igor.stevanovic/Shutterstock.com)

Threatwatch Alert

Unauthorized use of system administrator privileges / Man-in-the-middle attack

Syrian Electronic Army Makes a Turkey Out of News Sites on Thanksgiving

See threatwatch report

JOIN THE DISCUSSION

Close [ x ] More from Nextgov
// November 26
X CLOSE Don't show again

Like us on Facebook