In aceasta seara Apple a lansat Security Update 2011-005 pentru Mac OS X care rezolva unele probleme care afectau certificatele disponibile in noul sistem de operare a companiei. Noul update rezolva problemele cu unele certificate emise de compania DigiNotar care a fost compromisa saptamana trecuta de un hacker care a reusit sa obtina acces la o baza de date cu informatii confidentiale. Update-ul lansat in aceasta seara de catre Apple revoca statutul de sursa sigura a certificatelor emise de catre programe afiliate software-ului DigiNotar, totul in ideea de a proteja utilizatorii de eventuale programe facute de hackeri.
Impact: An attacker with a privileged network position may intercept user credentials or other sensitive information
Description: Fraudulent certificates were issued by multiple certificate authorities operated by DigiNotar. This issue is addressed by removing DigiNotar from the list of trusted root certificates, from the list of Extended Validation (EV) certificate authorities, and by configuring default system trust settings so that DigiNotar’s certificates, including those issued by other authorities, are not trusted.
DigiNotar, one of hundreds of firms authorized to issue digital certificates that authenticate a website’s identity, admitted on Aug. 30 that its servers were compromised weeks earlier. A report made public Monday said that hackers had acquired 531 certificates, including many used by the Dutch government, and that DigiNotar was unaware of the intrusion for weeks.
Noul update lansat de catre Apple este disponibil pentru toti utilizatorii si poate fi instalat fie descarcandu-l din pagina dedicata de pe site-ul Apple fie instalandu-l prin Software Update.
