Apple Confirms 'Heartbleed' Security Issue Did Not Affect Apple Software and 'Key Services'

heartbleed_200Apple today released a statement to Re/code confirming that iOS, OS X and "key web services" were unaffected by the widely publicized security flaw known as Heartbleed which was disclosed earlier this week.

“Apple takes security very seriously. iOS and OS X never incorporated the vulnerable software and key web-based services were not affected,” an Apple spokesperson told Re/code.

Heartbleed was a security flaw in the popular open-source software OpenSSL which helps provide secure connections between clients and servers. Due the ubiquity of OpenSSL, Heartbleed is believed to have affected approximately 66% of the internet.

Security blogger Bruce Schneier describes the issue as "catastrophic" and on "the scale of 1 to 10, this is an 11." The flaw allowed servers to leak server memory to a malicious attacker, allowing hackers to extract login/password and other private data from a server. Users are recommended to change their passwords on all services that may have been affected. Mashable provides a list of services where you should change your password. Fortunately, MacRumors Forums were unaffected by the security flaw.

Top Rated Comments

Jedibugs Avatar
107 months ago
That's good. You know if Apple had been affected, all the headlines would be reading "Apple's Security Failure"
Score: 19 Votes (Like | Disagree)
BornAgainApple Avatar
107 months ago
This is what a Walled Garden gets you :apple:
Score: 19 Votes (Like | Disagree)
dugbug Avatar
107 months ago
Apple could not resist that zinger :p

Android apparently incorporated it. Ouch.
Score: 19 Votes (Like | Disagree)
robeddie Avatar
107 months ago
To people above me: right - remember SSL issue from not long ago?
The garden is walled, except for wholes found from time to time.

wholes?

hmm, I'm gonna think about that while I enjoy my hore.
Score: 15 Votes (Like | Disagree)
petsounds Avatar
107 months ago

It's not important that Apple takes security very seriously and it doesn't even matter in this case - nobody (maybe except for the NSA^^) knew about this issue, so there wouldn't have been anything Apple could have done.
Not exactly. OpenSSL has gotten a lot of flack in the past for being a shoddy library. There's plenty of security researchers who've looked through the code and said it's a mess. So perhaps Apple knew to stay away where possible. In other cases, it was a lucky accident that they pinned OpenSSL on OS X to the older 0.9.8 which wasn't vulnerable.

Either way, it's a PR win for Apple, especially compared to Android which is vulnerable. And you can bet that many of the old versions of Android people are running will never get patched by carriers.
Score: 14 Votes (Like | Disagree)
SILen(e Avatar
107 months ago
Their statement contained a bit of marketing blahblah.

It's not important that Apple takes security very seriously and it doesn't even matter in this case - nobody (maybe except for the NSA^^) knew about this issue, so there wouldn't have been anything Apple could have done.
Score: 13 Votes (Like | Disagree)

Popular Stories

2022 back to school apple

Apple Launches 2022 Back to School Offer: Up to $150 Gift Card With Mac or iPad

Friday June 24, 2022 5:08 am PDT by
Apple today launched its annual "Back to School" promotion for college/university students in the United States and Canada. This year's promotion offers a free Apple gift card with the purchase of an eligible Mac or iPad, rather than free AirPods like last year. Apple is also offering students 20% off AppleCare+ plans during the promotion. Apple is offering a $150 gift card with the purchase ...
apple ar headset concept 2

Apple CEO Tim Cook Hints at AR/VR Headset: 'Stay Tuned and You'll See What We Have to Offer'

Wednesday June 22, 2022 6:34 pm PDT by
CEO Tim Cook this week did an interview with China Daily, where he once again commented on on the future of augmented reality and hinted at Apple's work on an AR/VR headset. Render via designer Ian Zelbo Cook said that Apple is excited about the opportunities available with augmented reality, which is not too far off from prior comments that he's made, but he went on to say that people should ...
airpods pro 2 1

AirPods Pro 2 Said to Feature Upgraded H1 Chip, Find My, Heart Rate Detection, USB-C and More

Friday June 24, 2022 9:48 am PDT by
The next-generation AirPods Pro could come with a long list of new features that include heart rate detection, the ability to function as a hearing aid, and a USB-C port according to a report from 52Audio. The site claims that it has received new information on the AirPods Pro 2, and it has used that information to provide some renders on what the earbuds might look like. Design wise, there...
customize wallpaper setting ios 16

iOS 16 Beta 2 Tidbits: New Wallpaper Colors, Backup Over LTE, SMS Filtering and More

Wednesday June 22, 2022 2:16 pm PDT by
Apple today seeded the second betas of iOS 16 and iPadOS 16 to developers for testing purposes, and the new betas introduce new features and refine some of the changes that Apple made with the first iOS 16 release. Subscribe to the MacRumors YouTube channel for more videos. Lock Screen Photo Wallpaper Customization When customizing a photo on the Lock Screen, there are two new DuoTone and...
home app ios 16

Apple Confirms iPad Will No Longer Be Supported as a Home Hub in iOS 16

Wednesday June 22, 2022 12:38 pm PDT by
The iPad will no longer be able to be used as a home hub following the launch of iOS 16, iPadOS 16, macOS Ventura, and the HomePod 16 software this fall, Apple confirmed today. As discovered in iOS 16 code by MacRumors contributor Steve Moser, Apple says that the iPad will no longer be supported as a home hub. This information will be displayed in the Home app after updating to iOS 16.A home ...
apple ar headset concept 1

Apple Rumored to Announce 'Game-Changer' AR/VR Headset in January 2023

Friday June 24, 2022 2:52 am PDT by
Apple is "likely" to announce its long-rumored mixed-reality headset as soon as January 2023, Apple analyst Ming-Chi Kuo has reiterated. Concept render based on purported leaked information by Ian Zelbo In a detailed post on Medium, Kuo explained that Apple's headset will be a "game-changer" for the augmented-reality and virtual-reality market. Describing some of the headset's...