It appears that most of the industry got the message about the yawning hole in the open-source OpenSSL cryptographic software library.
Ten days after the coverage of the Heartbleed hole, which allows hackers access to user data IT execs and web admins around the world appear to have rushed to plug the hole. Security research firm Sucuri scanned the Internet’s top one million websites to see how many of them were still vulnerable.
Sucuri CTO Daniel Cid wrote in his bog that after 10 days of massive coverage, he expected to see every server out there patched against it. To confirm our expectations, the outfit scanned every web site listed in the Alexa top 1 million rank. The firm found that the top 1,000 sites in the world were all properly patched, and that just 0.53% of the top 10,000 still had issues. Less popular and smaller sites, the number of unpatched servers grew to 2 per cent.
Of course while the percentage might be very small, that translates as a lot of sites sill having holes.