Two months after OpenSSL bug Heartbleed was disclosed, more than 300,000 servers remain vulnerable, security researchers at Errata Security claim.

In April, Errata found 600,000 vulnerable systems. In June, that figure dropped to 318,239. Today, the firm claims that 309,197 servers remain affected by the bug.

Heartbleed Bug Still Affects 300K Servers

As of late April, “the top 1,000 sites in the world were all properly patched” in response to Heartbleed, according to information-security company Sucuri. This suggests that the remaining vulnerable servers may not affect the majority of Internet users. Still, the process in which the Web has reacted to Heartbleed is quite intriguing. It’s unclear how long it will take for the Heartbleed bug to be totally eliminated, but check back for updates as it gradually disappears.