You do not have to worry about the scary Heartbleed security flaw when using Apple’s cloud, iCloud.
Apple has confirmed that all of its devices and web services are safe from the bug and that its devices never used the problematic software at all, a spokesperson told Re/Code’s Mike Isaac:
“Apple takes security very seriously. IOS and OS X never incorporated the vulnerable software and key Web-based services were not affected.”
It was unlikely that Apple’s devices, iOS and Mac, would be affected by the bug in the first place. The problem is really in the security software used by many websites, known as OpenSSL, as opposed to the operating system software used by a Mac, smartphone or tablet.
The safely of iCloud.com has also been verified by others. This page on Github is the best public list of sites that have been tested and iCloud.com was found to be ok.
The Github page also lists dozens of other websites that were impacted. If you use any of them, you should …
2. If the site is fixed, change your password.
3. If the site isn’t fixed yet, avoid making any financial transactions with it, like sending your credit card number.