Study: Paucity of patches on OpenSSL

By Robert Lemos
Staff Writer, CNET News

Only 3 percent of Web servers running the open-source version of a secure communications component, OpenSSL, may be using the latest, bug-free software, according to a recent survey by Internet watcher NetCraft. The OpenSSL secure sockets layer software allows servers to securely communicate with browsers across the Internet.

The survey found that nearly half of polled Web servers ran a version of OpenSSL that could be remotely exploited to bypass the server's security. (The 50,000 servers queried in the study were limited to those computers that returned a valid OpenSSL signature.) Other versions had lesser vulnerabilities. The survey did come with one major caveat: Many Linux distributions that include the software don't update the version numbers, making it falsely appear that the software is vulnerable.

Latest tech news headlines

One of Google Chrome OS's hardest tasks? Printing
Posted in Relevant Results by Tom Krazit

December 1, 2009 4:38 PM PST
At last, Google has some parasites
Posted in Technically Incorrect by Chris Matyszczyk

December 1, 2009 3:55 PM PST
Facebook and MySpace delete NY sex offenders
Posted in Safe and Secure by Larry Magid

December 1, 2009 3:16 PM PST
See all headlines

RSS Feeds

Add headlines from CNET News to your homepage or feedreader.

More feeds available in our RSS feed index.

Markets: Market news, charts, SEC filings, and more; Related quotes; Dow Jones Industrials (1.23%) 126.74 10,471.58; S&P 500 (1.21%) 13.23 1,108.86; NASDAQ (1.46%) 31.21 2,175.81; CNET TECH (1.30%) 20.52 1,595.41

Inside CNET News

Scroll Left Scroll Right

Business Tech
Sun takes big fall in server market
Sun Microsystems clocks lowest revenue and shipment among global top 5 server vendors for third quarter of 2009, says Gartner.
Gallery
Energy displays bring the smart grid home (photos)
Technically Incorrect
Dad accuses Disney of calling his 11-year-old a hacker
Brian Guy, a manager of MySQL's team at Sun Microsystems, says Disney falsely accused his 11-year-old son of hacking the Pirates of the Caribbean game.
Beyond Binary
Microsoft's Mehdi on financial impact of Yahoo deal
In a speech, Microsoft's Yusuf Mehdi says that once the two companies have a single paid search platform both should see double-digit increases in revenue per search.
Video
A window into the Microsoft Store
Technically Incorrect
At last, Google has some parasites
Canadian car rental company AutoShare and indie band the Editors both find inspired ways to use Street View to advertise themselves.
Video
Google Chrome OS demonstration
The Social
Twitter founder formally unveils 'Square' project
The add-on can turn a device, such as an iPhone, into a credit card reader. It's being aimed at small businesses for whom traditional credit card systems are cumbersome and expensive.
Crave
Coming soon: Recyclable mannequin robots
Osaka-based Eager Co. is developing corrugated cardboard mannequin robots for that can gracefully display clothing in retail displays.
Gallery
Digital cloud set to hover above 2012 Olympics (images)
Relevant Results
One of Google Chrome OS's hardest tasks? Printing
Printer drivers are a complicated problem to solve when building a new operating system, and Google hopes to come up with a unique solution for Chrome OS's launch.
Green Tech
Smart grid potential gated by broadband
The intersection of broadband and energy can lead to efficiency and technology innovation. What's needed is wider access, standards, and right regulations, say execs and officials at an FCC hearing.