Revisiting Open DNS Resolver Vulnerabilities to Reflection-Based DDoS Threats | IEEE Conference Publication | IEEE Xplore

Abstract:

DNS, as a vital component of the Internet, is frequently exploited for malicious activities. Millions of open DNS resolvers are exposed with public access, posing significant risks. The amplification vulnerability in the UDP-based DNS protocol has been abused by miscreants to launch reflection amplification Distributed Denial of Service (DDoS) attacks. In reflection amplification attacks, forged DNS request packets are continuously sent to open resolvers, triggering amplified attack traffic against the targeted victim. To defend against such attacks, resolvers can take measures to reject anomalous requests and limit the size of responses. Measures such as source address verification and response rate limiting prove effective in mitigating the risk of resolver exploitation. However, implementing these measures requires software and hardware updates or configuration changes, potentially incurring additional costs. Currently, it remains unclear how many open resolvers are adequately protected and how many still pose the potential for exploitation. In this paper, we conducted a thorough measurement of open resolvers to assess their actual potential for abuse. Our measurement results indicated that 14.9% of open resolvers are susceptible to exploitation for reflection-based DDoS attacks and that thousands of resolvers are still exposed to reflection amplification attacks with no mitigation measures.
Date of Conference: 08-10 May 2024
Date Added to IEEE Xplore: 10 July 2024
Conference Location: Tianjin, China
