Apple patches OS X for DigiNotar threat

Apple released the security update Friday
  • (IDG News Service)
  • — 10 September, 2011 04:50

Apple is rolling out an OS X patch to deal with the DigiNotar threat. DigiNotar will be removed from the list of trusted root certificates.

Apple announced the patch in a security update bulletin. "Fraudulent certificates were issued by multiple certificate authorities operated by DigiNotar. This issue is addressed by removing DigiNotar from the list of trusted root certificates, from the list of Extended Validation (EV) certificate authorities, and by configuring default system trust settings so that DigiNotar's certificates, including those issued by other authorities, are not trusted," stated the bulletin published on Friday.

The patch is available for Mac OS X, Mac OS X Server, OS X Lion and Lion Server. Apple's patch follows the revoking of DigiNotar as a trusted SSL (Secure Sockets Layer) certificate provider by Microsoft on Monday and browser makers Google and Mozilla earlier this month.

"For the protection of our customers, Apple does not disclose, discuss, or confirm security issues until a full investigation has occurred and any necessary patches or releases are available," Apple added to the page detailing the patch. That message is standard practice in Apple's security bulletins.

"It is disturbing that Apple does not communicate about security issues," said Roel Schouwenberg, security researcher at Kaspersky, in a phone interview. Apple keeps users in the dark until there is a patch available. "That is really old-fashioned," said Schouwenberg. Apple is "certainly very late" with the security update, he said.

"We also still don't know what is going on with iOS," Schouwenberg added. It is still unclear whether Apple will revoke certificates on the iPhone or the iPad. The same goes for Google's Android. Schouwenberg called this "very strange."

He pointed out that smartphones are basically computers and that most companies use the phones to handle corporate email. "If they are not releasing updates for mobile phones then that should certainly be substantiated," said Schouwenberg.

Google and Apple did not immediately comment on Friday.

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Loek Essers

IDG News Service
Topics: patches, Apple, Mac OS, security, software, operating systems
Comments are now closed.

Latest News Articles

Most Popular Articles

Follow Us

GGG Evaluation Team

Kathy Cassidy

STYLISTIC Q702

First impression on unpacking the Q702 test unit was the solid feel and clean, minimalist styling.

Anthony Grifoni

STYLISTIC Q572

For work use, Microsoft Word and Excel programs pre-installed on the device are adequate for preparing short documents.

Steph Mundell

LIFEBOOK UH574

The Fujitsu LifeBook UH574 allowed for great mobility without being obnoxiously heavy or clunky. Its twelve hours of battery life did not disappoint.

Andrew Mitsi

STYLISTIC Q702

The screen was particularly good. It is bright and visible from most angles, however heat is an issue, particularly around the Windows button on the front, and on the back where the battery housing is located.

Simon Harriott

STYLISTIC Q702

My first impression after unboxing the Q702 is that it is a nice looking unit. Styling is somewhat minimalist but very effective. The tablet part, once detached, has a nice weight, and no buttons or switches are located in awkward or intrusive positions.

Resources

Best Deals on GoodGearGuide

Compare & Save

Deals powered by WhistleOut
Use WhistleOut's technology to compare:
Mobile phone plans & deals
Mobile phone models
Mobile phone carriers
Broadband plans & deals
Broadband providers
Deals powered by WhistleOut
WhistleOut

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?