
Heartbleed vulnerability: Why does it persist on so many services?

The Heartbleed flaw still impacts almost 200,000 services connected to the internet. Expert Nick Lewis explains why these services remain unpatched and vulnerable.

Shodan released a report stating that almost 200,000 services connected to the internet remain unpatched against the OpenSSL Heartbleed vulnerability. Most of the impacted services are in the U.S. and running on the Linux 3.x kernel. Nearly three years since the patch was released, how concerning is this data? What do you think is the biggest reason these services are still unpatched?

The internet is sometimes described as a cesspool, and for good reason. Insecure devices seem to survive longer than anyone might expect; it's like someone discovering a pet python in the sewers.

However, finding systems that are still unpatched against the Heartbleed vulnerability three years after its discovery, despite the widespread awareness, is not surprising -- there are still reports about systems being infected with the Conficker worm almost 10 years after it first came out.

It's important to note that the Heartbleed bug is still being found on the internet, but enterprises are not required to take any new actions if they already addressed the Heartbleed vulnerability. Enterprises should also have already required their vendors to provide them with secure products.

The biggest reasons why the Heartbleed vulnerability has endured are the long life of the vulnerable systems and the fact that many of these systems are managed differently from traditional IT systems. Internet service providers could start blocking systems that are participating in Heartbleed attacks, but this could have unintended consequences for legitimate businesses.

Shodan only scans publicly accessible systems, so its report citing 200,000 vulnerable systems is a very conservative estimate. This number could include embedded systems running OpenSSL that weren't patched via normal processes or that never received a manufacturer update.
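Because Shodan only sees public-facing hosts, an enterprise that wants to confirm it has already addressed Heartbleed has to triage its own inventory, including embedded devices. The following is an added illustration, not code from the original answer or from Shodan: it classifies OpenSSL banner strings from a constructed inventory, treating 1.0.1 through 1.0.1f (and 1.0.2-beta1) as affected, and flags the common case where a distribution backported the fix without changing the version letter, so the version string alone cannot prove the host is patched.

```python
"""Triage OpenSSL version banners from an asset inventory for Heartbleed exposure."""
import re
from datetime import date

# OpenSSL 1.0.1 through 1.0.1f are affected; 1.0.1g, released 7 April 2014, carries the fix.
# 1.0.2-beta1 was also affected. 0.9.8 and 1.0.0 never contained the heartbeat code.
FIX_RELEASE = date(2014, 4, 7)
VERSION_RE = re.compile(r"OpenSSL\s+(\d+)\.(\d+)\.(\d+)([a-z]*)(-beta\d+)?", re.IGNORECASE)


def parse_version(banner):
    """Return (major, minor, patch, letter, beta) or None if the banner names no OpenSSL version."""
    m = VERSION_RE.search(banner)
    if not m:
        return None
    return (int(m.group(1)), int(m.group(2)), int(m.group(3)),
            m.group(4).lower(), (m.group(5) or "").lower())


def assess(banner, built_on=None):
    """Classify a banner as 'vulnerable', 'fixed', 'unknown' or 'verify'.

    'verify' means the version letter predates the fix but the build date is on or after
    the fix release: distributions commonly backport the patch and keep the upstream
    version letter (e.g. 1.0.1e-fips), so the package changelog must be checked by hand.
    """
    v = parse_version(banner)
    if v is None:
        return "unknown"
    major, minor, patch, letter, beta = v
    if (major, minor, patch) == (1, 0, 2):
        return "vulnerable" if beta == "-beta1" else "fixed"
    if (major, minor, patch) != (1, 0, 1):
        return "fixed"
    if letter >= "g":          # "" < "a" < ... < "f" < "g", so 1.0.1 and 1.0.1a-f fall through
        return "fixed"
    if built_on is not None and built_on >= FIX_RELEASE:
        return "verify"
    return "vulnerable"


def triage(inventory):
    """Group (host, banner, built_on) rows by assessment; hypothetical hosts, constructed data."""
    out = {"vulnerable": [], "fixed": [], "unknown": [], "verify": []}
    for host, banner, built_on in inventory:
        out[assess(banner, built_on)].append(host)
    return out


INVENTORY = [  # constructed sample rows, not real devices
    ("cam-01", "OpenSSL 1.0.1e", None),                    # embedded camera, never updated
    ("web-02", "OpenSSL 1.0.1e-fips", date(2014, 6, 5)),   # distro build with backported fix
    ("lb-03", "OpenSSL 1.0.1g", None),
    ("ups-04", "OpenSSL 1.0.0k", None),
    ("ptz-05", "lighttpd/1.4.35", None),                   # no OpenSSL version exposed
]
```

Hosts in the "verify" bucket need their package release or changelog checked; hosts in "unknown" need a closer look than a banner gives, which is the same gap the Shodan count cannot close for internal systems.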


This was last published in June 2017
