Global hacking research collective SRLabs claims that only two thirds of the Ethereum client software that runs on Ethereum nodes has been patched against a critical security flaw discovered earlier this year.
An SRLabs report ostensibly shared with ZDNet has reportedly revealed that the critical flaw is a denial of service vulnerability in the Ethereum Parity client.
As SRLabs has outlined, the flaw could enable a hacker to remotely crash legitimate Parity Ethereum nodes by sending malformed packets.
"According to our collected data, only two thirds of nodes have been patched so far."
One month after the issue was successfully patched in the new Parity release, SRLabs researchers reportedly scanned the Ethereum blockchain to check how many Parity nodes had updated their clients to the new version.
"One month after this alert, we used data from Ethernodes.org to assess the security of the Ethereum node landscape and found that around 40% of all scanned Parity Ethereum nodes remained unpatched and thus vulnerable to the mentioned attack."
The data reportedly indicates that unpatched Parity nodes comprise 15% of all scanned nodes - implying that 15% of all Ethereum nodes are vulnerable to a potential 51% attack.
The sluggish pace of patching in response to discovered vulnerabilities was purportedly further demonstrated in SRLabs' broader analysis, which found that 7% of active Parity Ethereum nodes had not been patched for nine months, leaving them susceptible to other detected flaws.
A similar slow pace was discovered for a different Ethereum node client, Go-Ethereum, with 44% of Geth nodes reportedly not undergoing a critical security update.
The unpatched nodes ostensibly pose a risk to the entire network, as they could be crashed to reduce the costs of carrying out a blockchain-wide 51% attack, ZDNet notes.
Data: Just 2/3 of ETH Nodes Running Parity Have Been Patched Against Critical Security Flaw
Published on May 17, 2019
by Cointele | Published on Coinage
Coinage
Mentioned in this article
Recent News
View All
Blockchain Bites: Bitcoin's Run, Uniswap's Hemorrhaging Value, Anchorage's Banking Bid
Bitcoin is nearing all-time highs in price and market cap last set three years ago.
Japan's megabanks to lead experiment with digital yen
We have, in order, Cheese Bank with a $3.3 million theft, Akropolis with its $2 million loss, Value DeFi with a whopping $6 million exploit and finally Origin Protocol's loss of $7 million.
Number of new Bitcoin addresses spikes amid growing FOMO
Japan's three largest banks, as part of a group of 30 private sector actors, are set to collaborate on an experiment with a digital yen.
Not just Wall Street: Quant trader explains why Bitcoin price is going up
Sam Trabucco, a quantitative trader at Alameda Research, believes four general factors are pushing up the price of Bitcoin.