Why the OpenSSL Heartbleed bug doesn't affect OS X or OS X Server
There's been a lot of concern about the OpenSSL Heartbleed bug, which is a vulnerability that allows theft of information that's normally protected by the SSL/TLS encryption used to secure many Internet sites and services. Well, thanks to a tip from former TUAW-er Damien Barrett, those of us who run OS X and OS X Server can breathe a bit easier:
"PSA: No versions of OS X or OS X Server are affected by the OpenSSL Heartbleed bug, because the last version of shipped by Apple in an OS was 0.9.8y, which is a branch not affected by this bug. So unless you've installed OpenSSL via MacPorts or Homebrew, your public-facing OS X servers/services should be immune to this bug."
While OS X and OS X server are "immune", we still recommend that you stay safe out there. Remember to keep your eyes open for news of other security vulnerabilities, change your passwords on a regular basis, and be sure to back up your data constantly.
Subscribe to Newsletter
Software Updatesmore updates
- Fantastical 2.1 for iOS adds new snooze, search and notification features
- ExpanDrive 4, more services and faster sync
- Apple adds iTunes Extras to Apple TV
- Spotify updates with new iPhone controls in time for summer BBQs
- iTunes U update will bring course creation and student discussion to iPad app
- Dropbox for iOS update adds new setup and file management options