X

Thank you for sharing!

Your article was successfully shared with the contacts you provided.
The newly exposed Heartbleed bug plaguing some 17% of SSL-secured websites as well as various VPN products has caused a massive case of Internet heartburn over the past 48 hours as companies rushed to confirm their exposure and lock down their SSL/TLS software, writes Kelly Jackson Higgins at InformationWeek. But just how bad is it?

Errata Security CEO Robert Graham scanned the Net for machines vulnerable to the implementation flaw in the so-called Heartbeat function of TLS, and discovered some 600,000 affected out of 28 million SSL machines. He estimates that some one-third of SSL machines had been patched with the update to the buggy OpenSSL library. Netcraft, meanwhile, says the buggy Heartbeat extension is enabled on 17.5 percent of SSL sites, which include close to a half-million digital certificates at risk of theft and spoofing from the attack. 

Want to continue reading?
Become a Free
PropertyCasualty360 Digital Reader.

INCLUDED IN A DIGITAL MEMBERSHIP:

  • All PropertyCasualty360.com news coverage, best practices, and in-depth analysis.
  • Educational webcasts, resources from industry leaders, and informative newsletters.
  • Other award-winning websites including BenefitsPRO.com and ThinkAdvisor.com.

Already have an account?

PropertyCasualty360

Join PropertyCasualty360

Don’t miss crucial news and insights you need to make informed decisions for your P&C insurance business. Join PropertyCasualty360.com now!

  • Unlimited access to PropertyCasualty360.com - your roadmap to thriving in a disrupted environment
  • Access to other award-winning ALM websites including BenefitsPRO.com, ThinkAdvisor.com and Law.com
  • Exclusive discounts on PropertyCasualty360, National Underwriter, Claims and ALM events

Already have an account? Sign In Now
Join PropertyCasualty360

Copyright © 2020 ALM Media Properties, LLC. All Rights Reserved.