Apple Product Security

Contacting Apple

To report security issues that affect Apple products, please contact: product-security@apple.com

A list of Apple contacts for topics other than security is available at the Contact Us page. For any iPod inquiries, please see either the iPod support page, or the iPod feedback page to contact the team directly.

For technical support for Apple products, call Apple or visit our Apple Support web site. Assistance via the telephone number is provided on a fee basis under Apple's standard technical assistance program.

Press contacts

Email: media.help@apple.com
See https://www.apple.com/pr for more information.

PGP key information

You can use Apple's Product Security PGP key to encrypt sensitive information sent via e-mail. The e-mail address is used to monitor for potential product security issues. Because we focus our response efforts to have the greatest impact across Apple's product line, we generally will not respond to the e-mail messages unless further information is needed for a security issue.

Checking Security in your System

Here are a few items to help with checking and improving the security of your system:

  • Please see the Mac OS X Security web page for an overview of Mac OS X security features.
  • Be sure that you are running the latest version of system software. Apple will release security updates from time to time, and having the latest available system software version should improve the security of your system. Check the Apple Security Updates page for more information.
  • Mac OS X Security Guides are available, and describe steps that can be taken to further enhance the security of your system.
  • In addition to the Mac OS X built-in security features, the Macintosh Products Guide contains offerings from third-party providers that could help to increase the security of your system in particular situations.

Mac OS X and Mac OS X Server are certified under the internationally-approved Common Criteria security standard.

Security notifications

For the protection of our customers, Apple does not disclose, discuss or confirm security issues until a full investigation has occurred and any necessary patches or releases are available. Apple usually distributes information about security issues in its products through this site and the mailing list below.

Mailing list

The Security-Announce mailing list is provided to obtain product security information from Apple.
You can subscribe via http://lists.apple.com/, also available via RSS.

Notifications developed by Apple are signed with the Apple Product Security PGP key. We encourage you to check the signature to ensure that the document was indeed written by our staff and has not been changed.

Updates

Check the Apple Security Updates page for released updates.

General product information

General information about Apple products is available at https://www.apple.com/. This information includes product documentation, as well as technical papers, hints, tips, and questions and answers.

Collaboration with other security groups

Apple works with the formal incident response community to distribute information. Most Apple security notices are distributed by CERT/CC at the same time that they are sent through Apple's own channels. Apple is a member of the Forum of Incident Response and Security Teams (FIRST), and cooperates with other FIRST members to disseminate security-related information.

Apple also works very closely with the FreeBSD Security team to analyze and release patches for security vulnerabilities.

Apple Web Server Notifications

This page credits people who have reported potential security issues in Apple's web servers.