300,000 Websites Still Haven’t Patched Against Heartbleed

The Citizen's Guide to the Future
June 23 2014 4:45 PM

300,000 Websites Still Haven’t Patched Against Heartbleed

Vulnerable Heartbleed sites still lurk in the shadows of the Internet.

Logo by Codenomicon.

It's been about 2 ½ months since the discovery of the Heartbleed vulnerability, and most of the sites you use every day have since been patched. All the major social networks—plus popular services from giants like Google, Apple, and Microsoft—acted quickly to fix the problem. But there's another side of the Internet, a less secure and seedier side. It's also a big side. According to a new report, 300,000 websites still haven't been patched against Heartbleed.

Robert Graham at Errata Security reports that 318,239 sites were still vulnerable at the beginning of May and 309,197 systems remain at risk. Back in April, when Heartbleed came to light, Graham found 615,268 sites at risk. It seems like the patching craze is tapering off, and the sites that are left are not going to be patched anytime soon—if at all.


Graham plans to check the number again next month and in September at the six-month anniversary of Heartbleed. He writes:

This [number] indicates people have stopped even trying to patch. We should see a slow decrease over the next decade as older systems are slowly replaced. Even a decade from now, though, I still expect to find thousands of systems, including critical ones, still vulnerable.

In the comments on his post, Graham notes that he has decided not the publish the list of sites that are still vulnerable because he doesn't want to make it even easier for hackers to know which sites to target with Heartbleed attacks. Though your favorite sites are probably safe, it’s important to keep in mind as you amble around the Internet that poorly maintained sites could still be at risk.

Future Tense is a partnership of SlateNew America, and Arizona State University.

Lily Hay Newman is lead blogger for Future Tense.


Medical Examiner

The Most Terrifying Thing About Ebola 

The disease threatens humanity by preying on humanity.

I Bought the Huge iPhone. I’m Already Thinking of Returning It.

Scotland Is Just the Beginning. Expect More Political Earthquakes in Europe.

Students Aren’t Going to College Football Games as Much Anymore

And schools are getting worried.

Two Damn Good, Very Different Movies About Soldiers Returning From War

The XX Factor

Lifetime Didn’t Think the Steubenville Rape Case Was Dramatic Enough

So they added a little self-immolation.


Blacks Don’t Have a Corporal Punishment Problem

Americans do. But when blacks exhibit the same behaviors as others, it becomes part of a greater black pathology. 

Why a Sketch of Chelsea Manning Is Stirring Up Controversy

How Worried Should Poland, the Baltic States, and Georgia Be About a Russian Invasion?

Trending News Channel
Sept. 19 2014 1:11 PM Watch Flashes of Lightning Created in a Lab  
  News & Politics
Sept. 20 2014 11:13 AM -30-
Business Insider
Sept. 20 2014 6:30 AM The Man Making Bill Gates Richer
Sept. 20 2014 7:27 AM How Do Plants Grow Aboard the International Space Station?
  Double X
The XX Factor
Sept. 19 2014 4:58 PM Steubenville Gets the Lifetime Treatment (And a Cheerleader Erupts Into Flames)
  Slate Plus
Slate Picks
Sept. 19 2014 12:00 PM What Happened at Slate This Week? The Slatest editor tells us to read well-informed skepticism, media criticism, and more.
Brow Beat
Sept. 20 2014 3:21 PM “The More You Know (About Black People)” Uses Very Funny PSAs to Condemn Black Stereotypes
Future Tense
Sept. 19 2014 6:31 PM The One Big Problem With the Enormous New iPhone
  Health & Science
Bad Astronomy
Sept. 20 2014 7:00 AM The Shaggy Sun
Sports Nut
Sept. 18 2014 11:42 AM Grandmaster Clash One of the most amazing feats in chess history just happened, and no one noticed.