Two months down the line when it was first exposed the memories of Heartbleed bug might be getting blurry for web users but the security concerns refuse to die.
When the deadliest bug in the internet history was exposed by a Google Employee in early April this year many well known companies that use Open SSL rushed to fix the vulnerability. But sadly there are plenty web networks that didn’t bother to fix the affected patches in servers and may not have any intention to do so in future.
Robert Graham of Errata Security say that around 600,000 servers were vulnerable to Hearbleed bug when it was first exposed in April but the number dropped to 318,239 in May. Now a new test run by the security firm reflects that around 309,197 servers are still vulnerable to the deadly bug.
Such a slow fall in the number of fixed Open SSL patches in the last month indicates that most of unpatched servers may be suffering due to ignorance to address the security issue. While answering a comment on his blog post Graham also said that he could have put out the list of affected sites but that would only make hacking easier for web thief.
Nevertheless,Graham is planning to run another Heartbleed bug test in October and one in April 2015 to see how much Open SSL vulnerability gets patched.
It’s notable that the Open SSL vulnerability allows hacker to steal your password, financial data like credit and debit card details and even personal information. As more than 300,000 websites continue to be vulnerable to Heartbleed bug it is hard to say that internet is a safe place.
