Heartbleed Bug Still Causing Problems after Two Months of Patches

• By Ginger Hill
• Jun 24, 2014

A couple of months ago, the Heartbleed bug seemed to hit the cyber world fairly hard as security professionals urged everyone to change their passwords to their accounts while patches were promised. Fast forward to the present and there are still a high number of servers that remain vulnerable to this virus.

Robert Graham, security researcher, Errata Security, found that approximately 600,000 servers were vulnerable to Heartbleed, initially, and now 309,197 servers still remain unprotected.

According to Graham, this stagnation means that people have stopped trying to patch systems indicated by the percentages that have gone from double digits to single.  In fact, only 9,042 of the over 300,000 servers have been patched in the last month.

Of course the top companies have protected themselves, but the smaller firms either haven’t done so as of yet or don’t plan to at all. This leaves major holes where the Heartbleed bug can penetrate.

McAfee has released a free checker tool in which you can enter an IP address or URL and the tool will provide an analysis of “vulnerability not detected,” “vulnerability detected,” or “not vulnerable.” For fun, I typed in our website URL. The result? “Vulnerability Not Detected.”

Still, security experts are recommending that you use a different, unique password for each of your online accounts, just to be on the safer side.