Only 3 percent of Web servers running the open-source version of a secure communications component, OpenSSL, may be using the latest, bug-free software, according to a recent survey by Internet watcher NetCraft. The OpenSSL secure sockets layer software allows servers to . . .

Only 3 percent of Web servers running the open-source version of a secure communications component, OpenSSL, may be using the latest, bug-free software, according to a recent survey by Internet watcher NetCraft. The OpenSSL secure sockets layer software allows servers to securely communicate with browsers across the Internet.

The survey found that nearly half of polled Web servers ran a version of OpenSSL that could be remotely exploited to bypass the server's security. (The 50,000 servers queried in the study were limited to those computers that returned a valid OpenSSL signature.) Other versions had lesser vulnerabilities. The survey did come with one major caveat: Many Linux distributions that include the software don't update the version numbers, making it falsely appear that the software is vulnerable.

The link for this article located at ZDNet is no longer available.