Apple says iOS, OS X, iTunes and iCloud not affected by Heartbleed OpenSSL bug

Advertisement
By NDTV Correspondent | Updated: 11 April 2014 14:24 IST
The Heartbleed bug, which came to light this week, is a massive security vulnerability that affects the encryption framework used by about two-thirds of the world's Web servers, leaving users' passwords and confidential information potentially available to malicious attackers. Since its disclosure, major Web companies have been scrambling to patch their infrastructure and assess the extent of their liability.

While major Web services including Facebook, Dropbox, Yahoo, Amazon and multiple Google offerings are now known to have been vulnerable prior to the disclosure of the bug. Apple has now told tech industry news site Re/code that its products and services were not affected by the bug. Apple has said its operating systems, OS X and iOS, as well as web services including iTunes and iCloud, which are used by millions of users and generate millions of transactions per day, never used the vulnerable OpenSSL implementation.

The OpenSSL Heartbleed bug is being described as one of the most serious security problems to ever affect the Internet. It is not known whether malicious "black hat" hackers were aware of the bug and were exploiting it before security workers were aware of the need to patch it.

Heartbleed allows attackers to send commands to a server which result in it sending small portions of the system memory back to the attacker, unencrypted. Many of these snippets of data could be combined to reveal critical information stored in the memory, including top-level encryption keys and actual user data such as passwords and the contents of messages. With access to such keys, the attackers could then decrypt any information flowing to or from that server, without anyone realising.

Web users are advised to change all passwords, since the worst-case scenario that information has already leaked out, and millions of existing SSL certificates are useless, is completely plausible. In addition to attackers usually motivated by profit, global security agencies that have been in the news for monitoring private communications, are also likely to have been interested in the potential for data gathering using the Heartbleed bug.
Post your comments

Get your daily dose of tech news, reviews, and insights, in under 80 characters on Gadgets 360 Turbo. Connect with fellow tech lovers on our Forum. Follow us on X, Facebook, WhatsApp, Threads and Google News for instant updates. Catch all the action on our YouTube channel.

Further reading: Apple, Dropbox, Facebook, Gmail, Google, Heartbleed, OpenSSL, Yahoo, internet security, security
Facebook leading women to eating disorders: Survey
Amazon to buy digital comics company comiXology
Advertisement

Related Stories

From Hardware Guru to CEO: Why John Ternus Is the Right Choice for Apple
21 April 2026
iOS 27 Leak Suggests Four Models Might Not Receive Apple's Next iPhone OS Upgrade
21 April 2026
Apple's iOS 26.5 Beta 3 Update for iPhone Rolls Out With Stability Improvements, Bug Fixes
21 April 2026
iPhone 18 May Not Arrive With Hardware Upgrades, Could Be Closer to iPhone 18e as Apple Cuts Costs: Reports
21 April 2026
Apple Announces Historic Leadership Transition as Tim Cook Steps Down; John Ternus Named Successor
21 April 2026
Popular on Gadgets
Latest Gadgets
Popular Mobile Brands
#Trending Stories
  1. Vivo X300 FE Roundup: Expected Price in India, Specifications
  2. Poco M8s 5G Debuts Globally With 7,000mAh Battery: See Price, Features
  3. Motorola Edge 70 Pro+ Leaked Renders Hint at Design, Five Colour Options
#Latest Stories
  1. NASA Shuts Down Voyager 1 Instrument to Extend Mission Life in Deep Space
  2. Oppo Enco Clip 2 With Open-Ear Design, Up to 40 Hours Total Battery Life Launched Alongside Oppo Watch X3 Mini
  3. Vivo Y6t Launched With 6,500mAh Battery, Snapdragon 4 Gen 2 SoC: Price, Specifications
  4. OCBC Partners Lion Global Investors and DigiFT to Launch Tokenised Gold Fund With GOLDX Token
  5. Oppo Pad 5 Pro Launched With 13,380mAh Battery, Snapdragon 8 Elite Gen 5 SoC Alongside Oppo Pad Mini: Price, Features
  6. Redmi K90 Max Launched With Dimensity 9500 SoC, 8,550mAh Battery and Active Cooling Fan: Price, Specifications
  7. Oppo Find X9 Ultra Launched With Snapdragon 8 Elite Gen 5 SoC, 200-Megapixel Periscope Camera: Price, Specifications
  8. Oppo Find X9s Pro Launched With 200-Megapixel Cameras, 7,025mAh Battery: Price, Specifications
  9. OnePlus Ace 6 Ultra Geekbench Listing Reveals MediaTek Dimensity 9500 Chip, 16GB RAM
  10. Motorola Edge 70 Pro+ Leaked Renders Hint at Design, Five Colour Options
Gadgets 360 is available in
Follow Us
Download Our Apps
Available in Hindi
© Copyright Red Pixels Ventures Limited 2026. All rights reserved.