Apple Confirms 'Heartbleed' Security Issue Did Not Affect Apple Software and 'Key Services'

heartbleed_200Apple today released a statement to Re/code confirming that iOS, OS X and "key web services" were unaffected by the widely publicized security flaw known as Heartbleed which was disclosed earlier this week.

“Apple takes security very seriously. iOS and OS X never incorporated the vulnerable software and key web-based services were not affected,” an Apple spokesperson told Re/code.

Heartbleed was a security flaw in the popular open-source software OpenSSL which helps provide secure connections between clients and servers. Due the ubiquity of OpenSSL, Heartbleed is believed to have affected approximately 66% of the internet.

Security blogger Bruce Schneier describes the issue as "catastrophic" and on "the scale of 1 to 10, this is an 11." The flaw allowed servers to leak server memory to a malicious attacker, allowing hackers to extract login/password and other private data from a server. Users are recommended to change their passwords on all services that may have been affected. Mashable provides a list of services where you should change your password. Fortunately, MacRumors Forums were unaffected by the security flaw.

Top Rated Comments

(View all)
Avatar
80 months ago
That's good. You know if Apple had been affected, all the headlines would be reading "Apple's Security Failure"
Score: 19 Votes (Like | Disagree)
Avatar
80 months ago
This is what a Walled Garden gets you :apple:
Score: 19 Votes (Like | Disagree)
Avatar
80 months ago
Apple could not resist that zinger :p

Android apparently incorporated it. Ouch.
Score: 19 Votes (Like | Disagree)
Avatar
80 months ago

To people above me: right - remember SSL issue from not long ago?
The garden is walled, except for wholes found from time to time.


wholes?

hmm, I'm gonna think about that while I enjoy my hore.
Score: 15 Votes (Like | Disagree)
Avatar
80 months ago


It's not important that Apple takes security very seriously and it doesn't even matter in this case - nobody (maybe except for the NSA^^) knew about this issue, so there wouldn't have been anything Apple could have done.

Not exactly. OpenSSL has gotten a lot of flack in the past for being a shoddy library. There's plenty of security researchers who've looked through the code and said it's a mess. So perhaps Apple knew to stay away where possible. In other cases, it was a lucky accident that they pinned OpenSSL on OS X to the older 0.9.8 which wasn't vulnerable.

Either way, it's a PR win for Apple, especially compared to Android which is vulnerable. And you can bet that many of the old versions of Android people are running will never get patched by carriers.
Score: 14 Votes (Like | Disagree)
Avatar
80 months ago
Their statement contained a bit of marketing blahblah.

It's not important that Apple takes security very seriously and it doesn't even matter in this case - nobody (maybe except for the NSA^^) knew about this issue, so there wouldn't have been anything Apple could have done.
Score: 13 Votes (Like | Disagree)

Top Stories

'This App is No Longer Shared' iOS Bug Preventing Some Apps From Opening

Friday May 22, 2020 3:58 pm PDT by
An app bug is causing some iOS users to be unable to open their apps, with affected iPhone and iPad users seeing the message "This app is no longer shared with you" when attempting to access an app. There are multiple complaints about the issue on the MacRumors forums and on Twitter from users who are running into problems. A MacRumors reader describes the issue:Is anyone else experiencing...

Apple Memorial Day Deals: Shop the Best Apple Accessory Sales From Twelve South, eBay, Anker, Mophie, and More

Friday May 22, 2020 6:39 am PDT by
We're now just a few days away from Memorial Day on Monday, May 25, and numerous retailers have opened up discounts in celebration of the holiday. This includes sales on helpful Apple-related accessories like Anker's portable batteries, Beats headphones at eBay, Incase and Incipio's protective iPad and iPhone cases, Mophie's iPhone battery cases, JBL's Bluetooth speakers, and much more. Note:...

Former iOS Chief Scott Forstall Shares Intriguing Story of His Interview With Steve Jobs at NeXT

Friday May 22, 2020 4:01 am PDT by
Former Apple executive and iOS chief Scott Forstall made a rare public appearance this week at Code.org's virtual Code Break event, and in between classes, Forstall shared the intriguing story of how he was hired by Steve Jobs. Forstall revealed that he had been considering working at Microsoft when he went to interview at NexT, the company started by Jobs after he had left Apple. Forstall...

'Apple Glass' Rumored to Start at $499, Support Prescription Lenses, and More

Tuesday May 19, 2020 6:30 am PDT by
Front Page Tech host and leaker Jon Prosser today shared several alleged details about Apple's rumored augmented reality glasses, including an "Apple Glass" marketing name, $499 starting price, prescription lens option, and more. The marketing name will be "Apple Glass" The glasses will start at $499 with the option for prescription lenses at an extra cost There will be displays in both...

Apple's 'Bounce' AirPods Ad Wins 'Best of Advertising' Award

Friday May 22, 2020 10:09 am PDT by
Apple's creative "Bounce" ad designed to highlight the AirPods took top honors in the 99th annual ADC (Art Director's Club) awards for advertising, earning the "Best of Discipline" award along with two Gold Cube awards in the craft in video and branded content categories. Released in June 2019, the ad features a bored man who pulls his AirPods off of their wireless charging pad and then pops ...

Apple's 'AirPods Studio' Over-Ear Headphones Have Reportedly Kicked Off Production

Friday May 22, 2020 7:03 am PDT by
We've been hearing quite a bit recently about Apple's long-rumored over-ear headphones, said to be called "AirPods Studio," and it looks like a launch may be coming in the relatively near future. Artist mockup based on Beats Studio3 Rumors have generally suggested a summer or fall launch for AirPods Studio, with a report earlier this week claiming that suppliers in Vietnam will begin...

Top Stories: Apple Glass and iPhone 12 Rumors, iOS 13.5 Update, and More!

Saturday May 23, 2020 6:00 am PDT by
It was another big week for rumors this week, with a flurry of reports about Apple's augmented reality glasses, the iPhone 12, and Apple's "AirPods Studio" over-ear headphones. This week also saw the release of iOS 13.5, bringing a number of health-related updates to Apple's mobile devices. Subscribe to the MacRumors YouTube channel for more videos. Other topics of interest this week included ...

Apple Releases iPadOS and iOS 13.5 With Exposure Notification API, Face ID Mask Updates, Group FaceTime Changes and More

Wednesday May 20, 2020 10:00 am PDT by
Apple today released iOS and iPadOS 13.5, major updates that come more than a month after the launch of iOS and iPadOS 13.4.1. iOS 13.5 is a major health-related update that brings many features related to the ongoing public health crisis. The iOS and ‌‌iPadOS‌‌ 13.5 updates are available on all eligible devices over-the-air in the Settings app. To access the updates, go to Settings...

Jon Prosser Claims Apple is Working on 'Steve Jobs Heritage Edition' AR Glasses, Gurman Calls Rumor 'Complete Fiction'

Thursday May 21, 2020 4:50 pm PDT by
Apple is working on a limited-edition version of its augmented reality smart glasses that's designed to look like the round, frameless glasses that Steve Jobs was famous for wearing, according to Jon Prosser. Prosser, who runs YouTube show Front Page Tech and who has been sharing a flood of Apple rumors in recent weeks, mentioned the detail in Cult of Mac's latest Cultcast podcast....

T-Mobile and Sprint Offering Free iPhone SE With Trade-In

Thursday May 21, 2020 1:14 pm PDT by
T-Mobile is launching a Memorial Day promotion that will see the company offering a free iPhone SE to customers who trade in an eligible older smartphone in good condition. From Friday to Monday, customers who trade in an existing smartphone can get a free iPhone SE (sales tax still needs to be paid) or up to $500 off a Samsung Galaxy S20. The free iPhone SE will be provided in the form...