One month after disclosure of the security vacuum heartbleed, a specialist researcher on Internet security issues, estimates that around 300.000 servers remain exposed.
The disclosure was made by security researcher Robert David Graham, through the blog of the Errata Security researcher team. The number of 300.000 exposed servers resulted from a global Internet scan performed by members of Errata.
According to this scan, a set of 1,5 million servers, worldwide, use the OpenSSL feature that allows the Heartbleed bug to work. Of the above set, a number of 318.239 systems remain vulnerable to this.
However, as explained, this figure counts only confirmed cases, and there may also be systems that were not counted either because of some spam blocking they were using or due to some particular OpenSSL configuration.
The number is worrying because the damage that Heartbleed can cause is important. Although large organizations have been quick to "shield" their servers against the threat, the damage can come from servers that are used by services and organizations not so technologically advanced.
It is worth recalling that since one server είναι ευάλωτος σε επιθέσεις, οποιοσδήποτε μπορεί να χρησιμοποιήσει το Ηeartbleed για να αποκτήσει προσωπικούς κωδικούς, κλειδιά ασφαλείας ή ακόμη και να αποκτήσει τον πλήρη έλεγχο μίας ενότητας της ιστοσελίδαs.
