Apple says iOS, OS X, iTunes and iCloud not affected by Heartbleed OpenSSL bug

Advertisement
By NDTV Correspondent | Updated: 11 April 2014 14:24 IST
The Heartbleed bug, which came to light this week, is a massive security vulnerability that affects the encryption framework used by about two-thirds of the world's Web servers, leaving users' passwords and confidential information potentially available to malicious attackers. Since its disclosure, major Web companies have been scrambling to patch their infrastructure and assess the extent of their liability.

While major Web services including Facebook, Dropbox, Yahoo, Amazon and multiple Google offerings are now known to have been vulnerable prior to the disclosure of the bug. Apple has now told tech industry news site Re/code that its products and services were not affected by the bug. Apple has said its operating systems, OS X and iOS, as well as web services including iTunes and iCloud, which are used by millions of users and generate millions of transactions per day, never used the vulnerable OpenSSL implementation.

The OpenSSL Heartbleed bug is being described as one of the most serious security problems to ever affect the Internet. It is not known whether malicious "black hat" hackers were aware of the bug and were exploiting it before security workers were aware of the need to patch it.

Heartbleed allows attackers to send commands to a server which result in it sending small portions of the system memory back to the attacker, unencrypted. Many of these snippets of data could be combined to reveal critical information stored in the memory, including top-level encryption keys and actual user data such as passwords and the contents of messages. With access to such keys, the attackers could then decrypt any information flowing to or from that server, without anyone realising.

Web users are advised to change all passwords, since the worst-case scenario that information has already leaked out, and millions of existing SSL certificates are useless, is completely plausible. In addition to attackers usually motivated by profit, global security agencies that have been in the news for monitoring private communications, are also likely to have been interested in the potential for data gathering using the Heartbleed bug.
Post your comments

Get your daily dose of tech news, reviews, and insights, in under 80 characters on Gadgets 360 Turbo. Connect with fellow tech lovers on our Forum. Follow us on X, Facebook, WhatsApp, Threads and Google News for instant updates. Catch all the action on our YouTube channel.

Further reading: Apple, Dropbox, Facebook, Gmail, Google, Heartbleed, OpenSSL, Yahoo, internet security, security
Facebook leading women to eating disorders: Survey
Amazon to buy digital comics company comiXology
Advertisement

Related Stories

Popular on Gadgets
Latest Gadgets
Popular Mobile Brands
#Trending Stories
  1. OTT Releases This Week: Gandhi Talks, Subedaar, War Machine, Hello Bachhon, and More
  2. Here's When the Poco C85x 5G Will be Launched in India
  3. Vikram On Duty OTT Release: When, Where to Watch This Telugu Crime Thriller
  4. The Upcoming Poco X8 Pro Series Could be Launched Globally on This Date
  5. Vivo X300 Max With Zeiss Cameras Spied at MWC 2026, Could Launch Soon
#Latest Stories
  1. Laalo – Krishna Sada Sahaayate OTT Release: When, Where to Watch the Gujarati Spiritual Drama
  2. Vikram On Duty OTT Release: When, Where to Watch Nikhil Maliyakkal’s Telugu Crime Thriller
  3. Annagaru Vostaru OTT Release: When, Where to Watch Karthi’s Telugu Action-Comedy
  4. Local Times OTT Release: Know When and Where to Watch the Tamil Comedy Drama Online
  5. Vivo X300 Max With Zeiss Cameras and Android 16 Spotted at MWC 2026, Could Launch Soon
  6. WhatsApp Update Introduces Support for Discovering Stickers While Typing Emoji: How It Works
  7. This AI-Powered Portable Device Claims to Detect Microphones and Jam Audio Recordings
  8. Poco X8 Pro Series Global Launch Date Leaked Ahead of Anticipated Debut: Expected Price, Specifications
  9. MacBook Neo Geekbench Scores Indicate It Performs on Par With iPhone 16 Pro Max
  10. Xiaomi Testing Experimental AI Agent Miclaw, Can Perform Complex Tasks Across Devices
Gadgets 360 is available in
Follow Us
Download Our Apps
Available in Hindi
© Copyright Red Pixels Ventures Limited 2026. All rights reserved.