Want CNET to notify you of price drops and the latest stories?

Apple: iOS, OSX, and Web site safe from Heartbleed attack

The tech giant confirms that its mobile, desktop, and Web services haven’t fallen prey to the vulnerability that has sent thousands of Web sites and services scrambling.

Dara Kerr Former senior reporter
Dara Kerr was a senior reporter for CNET covering the on-demand economy and tech culture. She grew up in Colorado, went to school in New York City and can never remember how to pronounce gif.
Dara Kerr


Apple confirmed Thursday that it's safe from the massive bug that has been bombing the Internet.

When CNET asked Apple if it had patched the vulnerability for its Apple.com Web site and all the services it offers, a company spokesperson said its Web site is in the clear and that it never used the vulnerable software in its desktop and mobile operating systems.

"Apple takes security very seriously," an Apple spokesperson told CNET. "iOS and OS X never incorporated the vulnerable software, and key Web-based services were not affected."

CNET also tested Apple.com against the Qualys SSL Server Test, which additionally concluded that Apple isn't vulnerable to Heartbleed.

News of the Heartbleed bug was revealed earlier this week, sending sites and services across the Internet into patch mode. In short, Heartbleed has the capability to potentially expose people's usernames and passwords on sites like Facebook, Google, Yahoo, Pinterest, and many more.

Security vulnerabilities come and go, but this one is extremely serious. Not only does it require significant change at Web sites, it could require anybody who's used them to change passwords too, because those passwords could have been intercepted. That's a big problem as people's lives move more online and passwords are recycled from one site to the next.