Why the OpenSSL Heartbleed bug doesn't affect OS X or OS X Server

Sponsored Links

Steve Sande
April 9th, 2014
In this article: heartbleed, Mac, OpenSSL, os x, os x server
Why the OpenSSL Heartbleed bug doesn't affect OS X or OS X Server

There's been a lot of concern about the OpenSSL Heartbleed bug, which is a vulnerability that allows theft of information that's normally protected by the SSL/TLS encryption used to secure many Internet sites and services. Well, thanks to a tip from former TUAW-er Damien Barrett, those of us who run OS X and OS X Server can breathe a bit easier:

"PSA: No versions of OS X or OS X Server are affected by the OpenSSL Heartbleed bug, because the last version of shipped by Apple in an OS was 0.9.8y, which is a branch not affected by this bug. So unless you've installed OpenSSL via MacPorts or Homebrew, your public-facing OS X servers/services should be immune to this bug."

While OS X and OS X server are "immune", we still recommend that you stay safe out there. Remember to keep your eyes open for news of other security vulnerabilities, change your passwords on a regular basis, and be sure to back up your data constantly.

If you want to know more about Heartbleed itself, TechCrunch posted this great video and here's a little background on why there's a logo and website to spread info about this security issue.

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.
Popular on Engadget