ID: IRCNE2011091244
Date: 2011-09-10
According to "zdnet", Apple has released a security update for OS X 10.6 Snow Leopard and OS X 10.7 Lion that addresses an issue in which the use of fraudulent certificates could allow an attacker to steal user credentials and other private information through a network connection. The problem revolved around the use of DigiNotar as a trusted certificate authority, which has been removed by this update.
In recent months the company suffered a hacking attack which resulted in hundreds of certificates issued for various Web companies (including Google, Yahoo, Mozilla) and these certificates were subsequently used in various attacks on the Web companies' services.
Before this update, OS X users would have to manually remove DigiNotar certificates, but this update now keeps the certificates from being automatically used.
The update can be installed through Software Update, or from the following download links:
- 2