This week the folks at Apple have added to the stacks of sites making clear that they were either unaffected by the Heartbleed bug or have been patched successfully. Apple has released a statement that suggests they “take security very seriously” and that iOS and OS X “never incorporated the vulnerable software” in the first place. They also made clear that “key web-based services were not affected” either.
Those checking sites for Heartbleed with the Filippo tool can rest assured that Apple.com is good to go. You’ll find Apple’s services to have been patched or having never used OpenSSL – the older version of it – for quite a while now. This does not dismiss the idea that any Apple product could at one point or another have used the version of OpenSSL that was vulnerable to Heartbleed, but you’re probably safe either way.
This adds to the ever-growing list of companies that have made clear their safety from the bug. The bug, that is, that’s captured the fears of most of the internet over the past few days – and given the rest a miss until they realized what they’ve been skipped with, and proceed to freak out.
For some additional reactions, have a peek at our article Heartbleed bug: vulnerable and patched sites chime in. We’ve also gone over how to avoid this massive web hack as well as checking out some easy fix-it steps like the software known as Chromebleed, a fancy extension for your web browser.
Finally, don’t forget the creator of this bug, a coder who suggests it was a mistake and remains baffled as to how it slipped through the cracks.