Apple says iOS, OS X, iTunes and iCloud not affected by Heartbleed OpenSSL bug

Advertisement
By NDTV Correspondent | Updated: 11 April 2014 14:24 IST
The Heartbleed bug, which came to light this week, is a massive security vulnerability that affects the encryption framework used by about two-thirds of the world's Web servers, leaving users' passwords and confidential information potentially available to malicious attackers. Since its disclosure, major Web companies have been scrambling to patch their infrastructure and assess the extent of their liability.

While major Web services including Facebook, Dropbox, Yahoo, Amazon and multiple Google offerings are now known to have been vulnerable prior to the disclosure of the bug. Apple has now told tech industry news site Re/code that its products and services were not affected by the bug. Apple has said its operating systems, OS X and iOS, as well as web services including iTunes and iCloud, which are used by millions of users and generate millions of transactions per day, never used the vulnerable OpenSSL implementation.

The OpenSSL Heartbleed bug is being described as one of the most serious security problems to ever affect the Internet. It is not known whether malicious "black hat" hackers were aware of the bug and were exploiting it before security workers were aware of the need to patch it.

Heartbleed allows attackers to send commands to a server which result in it sending small portions of the system memory back to the attacker, unencrypted. Many of these snippets of data could be combined to reveal critical information stored in the memory, including top-level encryption keys and actual user data such as passwords and the contents of messages. With access to such keys, the attackers could then decrypt any information flowing to or from that server, without anyone realising.

Web users are advised to change all passwords, since the worst-case scenario that information has already leaked out, and millions of existing SSL certificates are useless, is completely plausible. In addition to attackers usually motivated by profit, global security agencies that have been in the news for monitoring private communications, are also likely to have been interested in the potential for data gathering using the Heartbleed bug.
Post your comments

For the latest tech news and reviews, follow Gadgets 360 on X, Facebook, WhatsApp, Threads and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel. If you want to know everything about top influencers, follow our in-house Who'sThat360 on Instagram and YouTube.

Further reading: Apple, Dropbox, Facebook, Gmail, Google, Heartbleed, OpenSSL, Yahoo, internet security, security
Facebook leading women to eating disorders: Survey
Amazon to buy digital comics company comiXology
Advertisement

Related Stories

Apple's iPhone 8 Plus Listed as Vintage Product Ahead of iPhone 17 Launch, 11-Inch MacBook Air Now Obsolete
2 September 2025
Apple Reportedly Pushes Supply Chain Partners to Ramp Up Automation Upgrades
2 September 2025
Apple Hebbal: First-Ever Apple Store in Bengaluru is Now Open
2 September 2025
Amazon Great Indian Festival Sale 2025: Top Deals on Smartphones, Laptops From Samsung, Apple, HP, and More Revealed
1 September 2025
Apple Watch Series 11, Watch Ultra 3 and Watch SE 3: Everything We Know Ahead of Apple’s ‘Awe Dropping’ Event
1 September 2025
Popular on Gadgets
Latest Gadgets
Popular Mobile Brands
#Trending Stories
  1. Realme 15T With 50-Megapixel Selfie Camera Debuts in India: See Price
  2. Amazon Great Indian Festival Sale: Deals on Smartphones, Laptops Teased
  3. India's Indigenous Vikram Microprocessor Showcased at Semicon India 2025
  4. Realme 15T 5G India Launch Today: All You Need to Know
  5. Astronomers Propose Rectangular Telescope to Hunt Earth-Like Planets
#Latest Stories
  1. BCCI Says Crypto, Real Money Gaming Platforms Can’t Bid for Team India’s Title Sponsorship
  2. Scientists Discover Hidden Mantle Layer Beneath the Himalayas Challenging Century-Old Theory
  3. Astronomers Propose Rectangular Telescope to Hunt Earth-Like Planets
  4. Microsoft Testing Native Clipboard Sync Feature to Share Text Between Windows PCs, Android Devices
  5. Su From So OTT Release: When and Where to Watch This Kannada-Language Horror-Comedy Online
  6. Sennheiser Momentum 4 Wireless 80th Anniversary Edition Launched in India With Up to 60 Hour Battery Life
  7. Call of Duty Film Adaption Said to Be a 'Priority' at Paramount, Negotiations on to Acquire Rights
  8. Cannibal Solar Storm May Trigger Auroras as Powerful Geomagnetic Storm to Hit Earth Soon
  9. Apple's iPhone 8 Plus Listed as Vintage Product Ahead of iPhone 17 Launch, 11-Inch MacBook Air Now Obsolete
  10. Hidden Reason Behind Portugal’s Deadly Earthquakes Finally Explained
Gadgets 360 is available in
Follow Us
Download Our Apps
Available in Hindi
© Copyright Red Pixels Ventures Limited 2025. All rights reserved.