Apple has confirmed that none of its products, including web services like iCloud.com, are vulnerable to the nasty Heartbleed web bug that was recently uncovered.
Heartbleed allows hackers to intercept sensitive traffic and steal information like logins from websites using OpenSSL encryption. So when you visit a website with a little padlock in the address bar and think you’re safe, you maybe aren’t.
An Apple spokesperson told Re/Code the following:
“Apple takes security very seriously. iOS and OS X never incorporated the vulnerable software and key web-based services were not affected.”
That doesn’t mean iPads, iPhones and Mac are invulnerable to Heartbeat, but it does mean that your passwords and other data on iTunes, iCloud and other Apple services weren’t vulnerable to the bug.
Famed security researcher Bruce Schneier called Heartbleed a 11 out of 10 on the scale of “catastrophic” security flaws. It potentially affects up to 66% of the internet’s servers.
For more information about Heartbleed, check out our detailed explanation.
- Source Re/Code