Why the OpenSSL Heartbleed bug doesn't affect OS X or OS X Server
There's been a lot of concern about the OpenSSL Heartbleed bug, which is a vulnerability that allows theft of information that's normally protected by the SSL/TLS encryption used to secure many Internet sites and services. Well, thanks to a tip from former TUAW-er Damien Barrett, those of us who run OS X and OS X Server can breathe a bit easier:
"PSA: No versions of OS X or OS X Server are affected by the OpenSSL Heartbleed bug, because the last version of shipped by Apple in an OS was 0.9.8y, which is a branch not affected by this bug. So unless you've installed OpenSSL via MacPorts or Homebrew, your public-facing OS X servers/services should be immune to this bug."
While OS X and OS X server are "immune", we still recommend that you stay safe out there. Remember to keep your eyes open for news of other security vulnerabilities, change your passwords on a regular basis, and be sure to back up your data constantly.
Subscribe to Newsletter
Software Updatesmore updates
- Automatic targets teen drivers with License+ service
- Dropbox adds support for TouchID
- YouTube for iOS gets updated with full support for iPhone 6 and 6 Plus
- iOS 8.0.1 update now available (Updated -- Don't update!)
- NFL Mobile updated for 2014 Season with new Fantasy Football features, NFL Now integration
- Yahoo Mail improves email inbox searching with new filtering options