I'm running Chromebleed to defend against sites affected by Heartbleed, but it's been a very long time since I've used a site that was still vulnerable. By now I would think the vast majority of the Internet has upgraded to protect against the vulnerability.
Asked
Active
Viewed 322 times
2 Answers
3
A quick Google search returns a few articles discussing Heartbleed one year after the announcement.
Fortune magazine on April 7 2015 cites a report saying that 74% of the Fortune 2000 have still not patched.
So, yes, this is still a problem.
schroeder
- 129,372
- 55
- 299
- 340
3
Heartbleed affects many things that aren't web servers, like embeded devices,VPN,SMTP or VoIP services. There is also a big difference between what gets patched on internet facing and local networks. Given that I still stumble upon windows NT4 boxes during pentests I expect to see heartbleed for many years to come.
wireghoul
- 5,959
- 2
- 18
- 26