back to article It's 2017 and 200,000 services still have unpatched Heartbleeds

Some 200,000 systems are still susceptible to Heartbleed more than two years and 9 months after the huge vulnerability was disclosed. Patching efforts spiked after news dropped in April 2014 of the world's most well-known and at the time then most catastrophic bug. The vulnerability (CVE-2014-0160) that established the …

  1. Pascal Monett Silver badge
    Facepalm

    Word macro virii

    Seems that targeting the end user is a never-ending fountain of fun for black hats. Hardly surprising given that most end users haven't got a clue until it's too late (if even then).

    What is surprising is the fact that this avenue of attack was almost abandoned for a period. I guess it wasn't so easy to implement in Facebook. Small mercies and all that.

    Oh well, it's coming back now. Retro is the new in !

  2. Anonymous Coward
    Anonymous Coward

    Being forced to switch to a recent MS Office just to avoid vulnerabilities is painful. After 2 years, I still have to regularly google to find functions in the ribbon that I was used to in menus during the 25 previous years.

    1. Crazy Operations Guy

      Interesting fact: Office has had the Ribbon for 10 years now. The menu system has only existed for 16 years before that (Office 1.0 was released November 1990, the Ribbon was implemented January 2007). So to get '25 years' of experience with the Menu system, you would've had to been using Office 2003 up until 2012, assuming you were using Office 1.0 the day of release.

      Also of note: The Ribbon hasn't changed since 2007 when it was introduced. A final note: the keyboard shortcuts for functions haven't changed from their initial bindings, so shortcut from Office 95 still work in Office 2016.

      1. WolfFan

        dates...

        I started using MS Word for Mac 1.05 in 1985, with the menu system. On DOS-based systems I used Word Perfect; on CP/M I used WordStar. WinWord stunk up the place, and Windows 1 and 2 were worse. Excel 1 also arrived in 1985. PowerPoint had not yet been purchased and renamed, and Access had not been perpetuated yet. Fast-forward to 2007, 22 (not, repeat, NOT 25) years later I was using Office 2004 and 2008 on Mac, and 2003 and 2007 on Windows. I kept Office 2004 and 2003 around for a while, as Office 2008 had numerous bugs. (no ribbon, though.) If, for example, I wanted to move a PowerPoint from Office 2007 to a Mac, I had to either save it as a PPT, and run it past Office 2004 before opening it in Office 2008 (yes, really, roughly 25% of my PowerPoints wouldn't work if I just opened them in Office 2008, Microsoft wasn't compatible with Microsoft, imagine that) or I had to install the add-on which let Office 2003 read Office 2007 files and send them on. This joyous state of affairs persisted until Office 2010/2011, which could read/write each others' files. Office 2011 had the beginnings of a ribbon. Being a Mac system, it also had menus. The ribbon was markedly different. Office 2013 arrived. No Mac version did. Office 2016 for Windows and (be still my heart!) 2016 for Mac, not a different version number! arrived and Office for Mac still had menus, and still only kinda-sorta had a ribbon. The files could be round-tripped without having to jump behind God's back, though.

        It should be noted that command (not control...) key combinations which worked for Word and Excel in 1985 still do, with one or two exceptions (command-h has been liberated by the OS)

  3. Gene Cash Silver badge
    Pint

    El Reg goes https

    On the other hand, speaking of security & readers, El Reg is apparently full-steam https, at least in my browser. Bravo!

  4. Anonymous Coward
    Anonymous Coward

    Still Using Word 2003 here

    Though recently been upgraded to visio 2007 So for a brief period I had less than decade old software running. I suppose it goes well with the decade old OS.

  5. boobie
    Facepalm

    Another security audit

    One of my (large) customers read this article and decided it was grounds to request a full audit of possible vulnerability... Again. My corporate security won't say "no" so we now have to find the owner of every possibly affected device all over the network and get them to report back. Thanks guys.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like