Apple has confirmed that iOS, OSX, and other "key" web services were not vulnerable to the Heartbleed bug that has affected numerous popular websites. "Apple takes security very seriously. iOS and OS X never incorporated the vulnerable software and key Web-based services were not affected," an Apple spokesperson told Re/code.
The statement comes just a few days after the vulnerability was disclosed. Apple did not specify which key web services it's referring to and if any of its properties were indeed hit – though the wording at least suggest that nothing critical was compromised.
The bug, which has reportedly affected almost two-thirds of the internet, including Google, Facebook, Yahoo, and more, is being termed as catastrophic because cyber criminals can exploit it to force the affected servers to expose valuable information like passwords, credit card numbers, and more.
Users are being asked to update their passwords, but only after the internet companies have updated their security software. To ease some of the pain and guesswork, password management tools like LastPass are now including recommendations for the bug, highlighting websites affected by the bug and whether they've taken the necessary steps to mitigate the risk, suggesting that you go ahead and update your passwords or wait.
Apart from Apple, other websites like Twitter, Ebay, Amazon, and more were also not affected by the Heartbleed Internet vulnerability. For a list of vulnerable websites, head over to this Cnet article.