According to a survey by SRLabs, Ethereum clients, who have not received security updates, threaten all Ethereum network.
Researchers at the SRLabs have published a data-based report from ethernodes.org. According to the report, a large number of nodes, using the popular clients Parity and Geth, has not received any updates. Investigators they found that Ethereum clients and their users were unprotected for a long time.
There are vulnerabilities to many clients, which have not yet been corrected and endangering the blockchain ecosystem. A hacker who would be able to control the 51% of computing power on the Ethereum network could make a great deal of damage to the ecosystem. The hacker who will be able to attack many nodes will be able to control the 51% of the network even more easily.
For this reason, vulnerabilities that allow denial-of-service attacks, are very critical in cryptocurrency networks. Hackers could use these vulnerabilities to reduce the amount of computing power they needed to make an attack that would control 51% of the network.
A few months ago, the researchers of the SRLabs identified a vulnerability in the Parity client.
"According to the data we have collected, only two thirds of the nodes have been corrected so far. "Shortly after reporting this vulnerability, Parity issued a security alert urging users to make updates," the report said.
However, even after the release of the update, 40% of the nodes remained unprotected. Another update was released in March. 70% received the update while remaining 30% remained exposed.
Researchers have reported that Parity Ethereum has an automated information process, but it is quite complex.
Things are worse for Geth client, as he does not have this auto-update feature. Geth clients had not received security updates for a long time.
Lack of key patches on Ethereum clients can cause great damage as it endangers the entire Ethereum network.