Apple releases Security Update to block hacked Web certificates

Apple on Friday released Security Update 2011-005, which addresses fraudulent Web security certificates issued by a recently-hacked Dutch certificate authority DigiNotar.

The update, available for both Snow Leopard and Lion, offers Mac users protection from sites that could falsely claim to be trustworthy. The breach allowed hackers to issue bogus digital certificates, files that your Web browser uses when you make secure (HTTPS) connections.

The Security Update addresses the issue by removing DigiNotar from your Mac’s list of trusted root certificates and the list of Extended Validation certificate authorities. The update also configures default system trust settings so that DigiNotar’s certificates—including those it issues through other authorities—aren’t trusted.

You can install the Security Update through Software Update, or download the Lion or Snow Leopard updates directly from Apple’s website.

Shop ▾
arrow up Amazon Shop buttons are programmatically attached to all reviews, regardless of products' final review scores. Our parent company, IDG, receives advertisement revenue for shopping activity generated by the links. Because the buttons are attached programmatically, they should not be interpreted as editorial endorsements.

Subscribe to the Best of Macworld Newsletter