You may remember that several months ago the IT security world was rocked by the exposure of the Heartbleed bug. The bug, which affects OpenSSL, exposed vulnerabilities in 600,000 servers, leaving account information and passwords vulnerable on thousands of websites. Users on websites including Facebook and eBay were encouraged to change their passwords and use different passwords on every site.
Soon after the discovery of the bug, a massive effort to patch vulnerable servers began. Within one month, nearly half of the 600,000 vulnerable servers had been patched, with 318,239 still vulnerable. Unfortunately, this rate has not held in the second month of knowledge of Heartbleed’s existence. Since the initial rush to patch in the first month, only about 9,000 servers have been patched, leaving 309,197 still unprotected.
The slowdown can be attributed to the initial rush by the big online players with the resources to patch their servers doing so as soon as possible. Smaller online companies, however, have not made the same efforts, and the number of servers being patched is expected to continue to decrease. Even though new, non-vulnerable servers are coming online, it is expected that many of these vulnerable servers will continue to function for a long time to come. It is for this reason to internet users should use different passwords for all their accounts. In addition, you can determine whether or not a website is vulnerable using this free checker from McAfee.
About DHA Group, Inc.
DHA Group, Inc., headquartered in Washington, D.C., is an award-winning management consulting and contracting firm primarily serving federal civilian and defense agencies. DHA Group supports clients’ mission-critical work by delivering expert professional services. Since DHA Group’s 1994 founding, our ability to improve productivity, cost effectiveness and efficiency has contributed to significant corporate growth and earned us a reputation for quality, value and excellence. For more information about Government Makes Research Data Available, please visit us atwww.dha-inc.com or call 202-347-9865, or join the conversation on Facebook, LinkedIn, Twitter or Google+.
Source
http://www.zdnet.com/heartbleed-over-300000-servers-still-exposed-7000030813/