Apple has released Security Update 2011-005 for Mac OS X 10.6 (“Snow Leopard”) and Mac OS X 10.7 (“Lion”). It addresses an issue with fraudulent certificates issued recently by DigiNotar.
According to “The Mac Security Blog” (http://macte.ch/GNnks): “An attacker with a privileged network position may intercept user credentials or other sensitive information Description: Fraudulent certificates were issued by multiple certificate authorities operated by DigiNotar. This issue is addressed by removing DigiNotar from the list of trusted root certificates, from the list of Extended Validation (EV) certificate authorities, and by configuring default system trust settings so that DigiNotar’s certificates, including those issued by other authorities, are not trusted.”
Security Update 2011-005 can be obtained via the Software Updates component of the Mac OS X Systems Preferences app.
