“Apple takes security very seriously. iOS and OS X never incorporated the vulnerable software and key web-based services were not affected,” an Apple spokesperson told Re/code.
Heartbleed was a security flaw in the popular open-source software OpenSSL which helps provide secure connections between clients and servers. Due the ubiquity of OpenSSL, Heartbleed is believed to have affected approximately 66% of the internet.
Security blogger Bruce Schneier describes the issue as “Catastrophic” and on “the scale of 1 to 10, this is an 11.” The flaw allowed servers to leak server memory to a malicious attacker, allowing hackers to extract login/password and other private data from a server. Users are recommended to change their passwords on all services that may have been affected. Washable provides a list of services where you should change your password. Fortunately, MacRumors Forums was unaffected by the security flaw.
from MacRumors: Mac News and Rumors – All Stories http://ift.tt/1qA4U11