Some 300,000 systems remain susceptible to catastrophic exploits, one scan shows.

More than four weeks after the disclosure of the so-called Heartbleed bug found in a widely used cryptography package, roughly half the systems affected by the catastrophic flaw remain vulnerable, according to two recently released estimates, one putting the figure slightly above half and the other slightly below.

A scan performed last month by Errata Security CEO Rob Graham found 615,268 servers that indicated they were vulnerable to attacks that could steal passwords, other types of login credentials, and even the extremely sensitive private encryption keys that allow attackers to impersonate websites or monitor encrypted traffic. On Thursday, the number stood at 318,239. Graham said his scans counted only servers running vulnerable versions of the OpenSSL crypto library that enabled the "Heartbeat" feature where the critical flaw resides.

A separate scan using slightly different metrics arrived at an estimate that slightly less than half of the servers believed to be vulnerable in the days immediately following the Heartbleed disclosure remain susceptible. Using a tool the researcher yngve called TLS Prober, he found that 5.36 percent of all servers were vulnerable to Heartbleed as of April 11, four days after Heartbleed came to light. In a blog post published Wednesday, he said 2.33 percent of servers remained vulnerable. It's important to remember the results don't include the number of Heartbleed-vulnerable servers providing services such as virtual private networks or e-mail.

Even more concerning, he said, was data showing the number of vulnerable Web servers running specialized encryption accelerators manufactured by F5 has held steady. The lack of a decline is most likely the result of new F5 BigIP systems coming online using unpatched versions of OpenSSL.

"As BigIP servers are used by sites serving large number[s] of users, this represents a significant security problem for those users," the researcher wrote. Also troubling, he said, was that of the vulnerable sites that have been patched in the past four weeks, as many as two-thirds of them may not have revoked their old digital certificates and regenerated a new one. As Ars has explained before, installing OpenSSL updates is only one step in the Heartbleed recovery regimen. Since the bug exposed private keys and passwords for more than two years, all vulnerable sites should assume their certificates are compromised and get new ones as soon as possible after upgrading.
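The "patched but never re-issued" problem described above can be checked from the outside: if the certificate a site presents today was issued before the disclosure date, or is the same certificate it served before patching, the private key that Heartbleed could have exposed is still in use. The following is an added example, not code from the article or the researchers it cites; it classifies a certificate in the dictionary shape that Python's standard `ssl` module returns, and the sample certificates, serial numbers and the `fetch_peer_cert` helper are constructed here for illustration.

```python
import socket
import ssl
from datetime import datetime, timezone
from typing import Optional

# Heartbleed (CVE-2014-0160) was publicly disclosed on 7 April 2014; any key
# in use on a vulnerable server before that date must be treated as exposed.
HEARTBLEED_DISCLOSURE = datetime(2014, 4, 7, tzinfo=timezone.utc)


def classify_cert(cert: dict, baseline_serial: Optional[str] = None) -> str:
    """Classify a certificate dict shaped like ssl.SSLSocket.getpeercert().

    baseline_serial: serial number of the certificate the site served before
    patching, if one was recorded (assumption: the operator kept a baseline).
    Returns "unchanged", "pre_disclosure" or "reissued".
    """
    # Same serial as the pre-patch baseline: the certificate was never replaced.
    if baseline_serial is not None and cert.get("serialNumber") == baseline_serial:
        return "unchanged"
    # notBefore arrives as e.g. 'Mar 20 00:00:00 2014 GMT'; convert to UTC.
    issued = datetime.fromtimestamp(
        ssl.cert_time_to_seconds(cert["notBefore"]), tz=timezone.utc
    )
    if issued < HEARTBLEED_DISCLOSURE:
        return "pre_disclosure"  # certificate (and key) predate the disclosure
    # A post-disclosure certificate may still wrap the old public key if the
    # operator re-certified the same key pair; getpeercert() does not expose
    # the key, so compare SPKI fingerprints separately (openssl x509 -pubkey).
    return "reissued"


def fetch_peer_cert(host: str, port: int = 443, timeout: float = 5.0) -> dict:
    """Retrieve the leaf certificate a host serves, for use with classify_cert."""
    ctx = ssl.create_default_context()
    with socket.create_connection((host, port), timeout=timeout) as sock:
        with ctx.wrap_socket(sock, server_hostname=host) as tls:
            return tls.getpeercert()


if __name__ == "__main__":
    # Constructed sample certificates, not real sites or real serial numbers.
    old_cert = {"notBefore": "Mar 20 00:00:00 2014 GMT", "serialNumber": "0A1B"}
    new_cert = {"notBefore": "Apr 10 00:00:00 2014 GMT", "serialNumber": "0C2D"}
    print(classify_cert(old_cert))                          # pre_disclosure
    print(classify_cert(new_cert))                          # reissued
    print(classify_cert(new_cert, baseline_serial="0C2D"))  # unchanged
```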

An important proviso about the results of both scans: the estimates can be heavily skewed by the difficulty of probing millions of IP addresses or domain names, particularly when scans are carried out days or weeks apart from each other. Graham said he suspects some servers have begun blocking his Heartbleed-detecting probes, or that congestion inside the network of his ISP could throw off the accuracy of his findings. For the sake of comparison, a separate scan that surveyed 156,022 websites found 1,291 of them vulnerable to Heartbleed.
Whatever scan is considered, the estimates are significant given the severity of the Heartbleed bug. The silver lining is that most big sites that were vulnerable have since been patched.