Apple: iOS, OS X and ‘key web services’ aren’t heartbleeding

Why the NSA might not say anything about the next ‘Heartbleed’

Following the revelation that hundreds of thousands of websites are susceptible to attacks based on the “Heartbleed” flaw in OpenSSL, Apple told Re/code that its operating systems including iOS and OS X, as well as unnamed “key” web-based services are not affected by the hack.

“Apple takes security very seriously. IOS and OS X never incorporated the vulnerable software and key Web-based services were not affected,” an Apple spokesperson told the publication.

While Apple would not say what those key web services are, 9to5Mac says it tested and various iTunes servers that host Apple’s online stores using an online tool that checks for Heartbleed and all of them are secure. The publication added that users who rely on a server powered by OS X 10.8 or 10.9 to run a web service are also secure.

Heartbleed allows hackers aware of the issue to fish for user passwords on the sites affected by the security flaw. Changing the password will not fix the problem as long as the company doesn’t patch up the issue. This Chrome plugin should help you check out what sites are vulnerable to Heartbleed at the moment, with more and more companies securing their online services.

More from BGR: Completely redesigned iPhone 6 fully detailed in huge leak from insider

This article was originally published on

Related stories

The iWatch will apparently be another big-margin win for Apple

Redesigned iPhone 6 seemingly revealed by third-party case maker

Study shows why Apple absolutely needs a bigger iPhone 6