This report is written 16 days after the vulnerability’s initial disclosure. The Trustlook team has analyzed Alexa’s top 1 million websites and over 120,000 apps from Google Play. To show you Heartbleed’s aftermath after 2 weeks and onward.
According to the scan results of the Alexa top 1 million websites, 451,470 websites have enabled SSL connections, and of them, 19,566 or 4.4% of websites are still vulnerable.
For mobile platforms, Android 4.1.1, which occupies 7% of Android market share, is vulnerable due to the OpenSSL version it used. What makes things worse is that Android is a highly fragmented OS, some 3rd party ROMs react slowly on patches and updates. After scanning 120,000 apps from Google Play, 8.7% of the apps that enables SSL connection have been found vulnerable, which affects more than 150 million users.