{"id":3281,"date":"2011-09-09T18:24:40","date_gmt":"2011-09-09T17:24:40","guid":{"rendered":"http:\/\/blog.intego.com\/?p=3281"},"modified":"2023-04-11T17:51:21","modified_gmt":"2023-04-12T00:51:21","slug":"apple-issues-security-update-for-diginotar-certificate-issue","status":"publish","type":"post","link":"https:\/\/www.intego.com\/mac-security-blog\/apple-issues-security-update-for-diginotar-certificate-issue\/","title":{"rendered":"Apple Issues Security Update for DigiNotar Certificate Issue"},"content":{"rendered":"<p>Apple has released Security Update 2011-005 for Mac OS X 10.6 Snow Leopard and 10.7 Lion, to handle security issues raised by hacked certificates issued by Dutch certificate authority DigiNotar.<\/p>\n<blockquote><p>An attacker with a privileged network position may intercept user credentials or other sensitive information Description: Fraudulent certificates were issued by multiple certificate authorities operated by DigiNotar. This issue is addressed by removing DigiNotar from the list of trusted root certificates, from the list of Extended Validation (EV) certificate authorities, and by configuring default system trust settings so that DigiNotar&#8217;s certificates, including those issued by other authorities, are not trusted.<\/p><\/blockquote>\n<p>We&#8217;ve <a href=\"https:\/\/www.intego.com\/mac-security-blog\/fraudulent-google-com-certificate-causes-worries\/\">reported about this issue<\/a> and about <a href=\"https:\/\/www.intego.com\/mac-security-blog\/firefox-update-blocks-diginotar-security-certificates\/\">follow-ups by the Mozilla foundation and others<\/a> in dealing with it. Apple has reacted fairly quickly in getting this update out.<\/p>\n<p>The update is available via Software Update or from <a href=\"http:\/\/support.apple.com\/downloads\/\">Apple&#8217;s downloads page<\/a>, and more information about the update is available <a href=\"http:\/\/support.apple.com\/kb\/HT4920\">here<\/a>. This update is 869 KB for Snow Leopard, and 16 MB for Lion by download, but only 188 KB for Lion via Software Update.<\/p>\n<p>For even more information about the DigiNotar breach, see Joshua Long&#8217;s comprehensive article on <a href=\"https:\/\/security.thejoshmeister.com\/2011\/08\/how-to-revoke-trust-for-diginotar-root.html\" target=\"_blank\" rel=\"noopener\">How to Revoke Trust for DigiNotar Root CA Certs\u2014Even On Older Macs<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Apple has released Security Update 2011-005 for Mac OS X 10.6 Snow Leopard and 10.7 Lion, to handle security issues raised by hacked certificates issued by Dutch certificate authority DigiNotar. <\/p>\n","protected":false},"author":3,"featured_media":8975,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"spay_email":"","jetpack_publicize_message":"","jetpack_is_tweetstorm":false},"categories":[13],"tags":[3151,4678,119,128,129],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v17.4 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<meta name=\"description\" content=\"Apple has released Security Update 2011-005 for Mac OS X 10.6 Snow Leopard and 10.7 Lion, to handle security issues raised by hacked certificates issued by Dutch certificate authority DigiNotar.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.intego.com\/mac-security-blog\/apple-issues-security-update-for-diginotar-certificate-issue\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Apple Issues Security Update for DigiNotar Certificate Issue - The Mac Security Blog\" \/>\n<meta property=\"og:description\" content=\"Apple has released Security Update 2011-005 for Mac OS X 10.6 Snow Leopard and 10.7 Lion, to handle security issues raised by hacked certificates issued by Dutch certificate authority DigiNotar.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.intego.com\/mac-security-blog\/apple-issues-security-update-for-diginotar-certificate-issue\/\" \/>\n<meta property=\"og:site_name\" content=\"The Mac Security Blog\" \/>\n<meta property=\"article:published_time\" content=\"2011-09-09T17:24:40+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2023-04-12T00:51:21+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2012\/11\/exclamation-point.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"400\" \/>\n\t<meta property=\"og:image:height\" content=\"260\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Peter James\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"1 minute\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#organization\",\"name\":\"Intego\",\"url\":\"https:\/\/www.intego.com\/mac-security-blog\/\",\"sameAs\":[],\"logo\":{\"@type\":\"ImageObject\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#logo\",\"inLanguage\":\"en-US\",\"url\":\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2022\/10\/intego-organization-logo-for-google-knowledge-graph-875x875-1.png\",\"contentUrl\":\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2022\/10\/intego-organization-logo-for-google-knowledge-graph-875x875-1.png\",\"width\":875,\"height\":875,\"caption\":\"Intego\"},\"image\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#logo\"}},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#website\",\"url\":\"https:\/\/www.intego.com\/mac-security-blog\/\",\"name\":\"The Mac Security Blog\",\"description\":\"Keep Macs safe from the dangers of the Internet\",\"publisher\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.intego.com\/mac-security-blog\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"ImageObject\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/apple-issues-security-update-for-diginotar-certificate-issue\/#primaryimage\",\"inLanguage\":\"en-US\",\"url\":\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2012\/11\/exclamation-point.jpg\",\"contentUrl\":\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2012\/11\/exclamation-point.jpg\",\"width\":\"400\",\"height\":\"260\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/apple-issues-security-update-for-diginotar-certificate-issue\/#webpage\",\"url\":\"https:\/\/www.intego.com\/mac-security-blog\/apple-issues-security-update-for-diginotar-certificate-issue\/\",\"name\":\"Apple Issues Security Update for DigiNotar Certificate Issue - The Mac Security Blog\",\"isPartOf\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/apple-issues-security-update-for-diginotar-certificate-issue\/#primaryimage\"},\"datePublished\":\"2011-09-09T17:24:40+00:00\",\"dateModified\":\"2023-04-12T00:51:21+00:00\",\"description\":\"Apple has released Security Update 2011-005 for Mac OS X 10.6 Snow Leopard and 10.7 Lion, to handle security issues raised by hacked certificates issued by Dutch certificate authority DigiNotar.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/apple-issues-security-update-for-diginotar-certificate-issue\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.intego.com\/mac-security-blog\/apple-issues-security-update-for-diginotar-certificate-issue\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/apple-issues-security-update-for-diginotar-certificate-issue\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.intego.com\/mac-security-blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Apple Issues Security Update for DigiNotar Certificate Issue\"}]},{\"@type\":\"Article\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/apple-issues-security-update-for-diginotar-certificate-issue\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/apple-issues-security-update-for-diginotar-certificate-issue\/#webpage\"},\"author\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#\/schema\/person\/d0c16bd0a4dd8f82d91204f400c8d116\"},\"headline\":\"Apple Issues Security Update for DigiNotar Certificate Issue\",\"datePublished\":\"2011-09-09T17:24:40+00:00\",\"dateModified\":\"2023-04-12T00:51:21+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/apple-issues-security-update-for-diginotar-certificate-issue\/#webpage\"},\"wordCount\":203,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#organization\"},\"image\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/apple-issues-security-update-for-diginotar-certificate-issue\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2012\/11\/exclamation-point.jpg\",\"keywords\":[\"Apple\",\"DigiNotar\",\"Security Update\",\"TLS\/SSL Certificate\",\"TLS\/SSL Certificates\"],\"articleSection\":[\"Security &amp; Privacy\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/www.intego.com\/mac-security-blog\/apple-issues-security-update-for-diginotar-certificate-issue\/#respond\"]}]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#\/schema\/person\/d0c16bd0a4dd8f82d91204f400c8d116\",\"name\":\"Peter James\",\"image\":{\"@type\":\"ImageObject\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#personlogo\",\"inLanguage\":\"en-US\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/0626bfb4ada576ba5aa775322329ad47?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/0626bfb4ada576ba5aa775322329ad47?s=96&d=mm&r=g\",\"caption\":\"Peter James\"},\"url\":\"https:\/\/www.intego.com\/mac-security-blog\/author\/peter\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"description":"Apple has released Security Update 2011-005 for Mac OS X 10.6 Snow Leopard and 10.7 Lion, to handle security issues raised by hacked certificates issued by Dutch certificate authority DigiNotar.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.intego.com\/mac-security-blog\/apple-issues-security-update-for-diginotar-certificate-issue\/","og_locale":"en_US","og_type":"article","og_title":"Apple Issues Security Update for DigiNotar Certificate Issue - The Mac Security Blog","og_description":"Apple has released Security Update 2011-005 for Mac OS X 10.6 Snow Leopard and 10.7 Lion, to handle security issues raised by hacked certificates issued by Dutch certificate authority DigiNotar.","og_url":"https:\/\/www.intego.com\/mac-security-blog\/apple-issues-security-update-for-diginotar-certificate-issue\/","og_site_name":"The Mac Security Blog","article_published_time":"2011-09-09T17:24:40+00:00","article_modified_time":"2023-04-12T00:51:21+00:00","og_image":[{"width":"400","height":"260","url":"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2012\/11\/exclamation-point.jpg","type":"image\/jpeg"}],"twitter_card":"summary_large_image","twitter_misc":{"Written by":"Peter James","Est. reading time":"1 minute"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Organization","@id":"https:\/\/www.intego.com\/mac-security-blog\/#organization","name":"Intego","url":"https:\/\/www.intego.com\/mac-security-blog\/","sameAs":[],"logo":{"@type":"ImageObject","@id":"https:\/\/www.intego.com\/mac-security-blog\/#logo","inLanguage":"en-US","url":"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2022\/10\/intego-organization-logo-for-google-knowledge-graph-875x875-1.png","contentUrl":"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2022\/10\/intego-organization-logo-for-google-knowledge-graph-875x875-1.png","width":875,"height":875,"caption":"Intego"},"image":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/#logo"}},{"@type":"WebSite","@id":"https:\/\/www.intego.com\/mac-security-blog\/#website","url":"https:\/\/www.intego.com\/mac-security-blog\/","name":"The Mac Security Blog","description":"Keep Macs safe from the dangers of the Internet","publisher":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.intego.com\/mac-security-blog\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"ImageObject","@id":"https:\/\/www.intego.com\/mac-security-blog\/apple-issues-security-update-for-diginotar-certificate-issue\/#primaryimage","inLanguage":"en-US","url":"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2012\/11\/exclamation-point.jpg","contentUrl":"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2012\/11\/exclamation-point.jpg","width":"400","height":"260"},{"@type":"WebPage","@id":"https:\/\/www.intego.com\/mac-security-blog\/apple-issues-security-update-for-diginotar-certificate-issue\/#webpage","url":"https:\/\/www.intego.com\/mac-security-blog\/apple-issues-security-update-for-diginotar-certificate-issue\/","name":"Apple Issues Security Update for DigiNotar Certificate Issue - The Mac Security Blog","isPartOf":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/apple-issues-security-update-for-diginotar-certificate-issue\/#primaryimage"},"datePublished":"2011-09-09T17:24:40+00:00","dateModified":"2023-04-12T00:51:21+00:00","description":"Apple has released Security Update 2011-005 for Mac OS X 10.6 Snow Leopard and 10.7 Lion, to handle security issues raised by hacked certificates issued by Dutch certificate authority DigiNotar.","breadcrumb":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/apple-issues-security-update-for-diginotar-certificate-issue\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.intego.com\/mac-security-blog\/apple-issues-security-update-for-diginotar-certificate-issue\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.intego.com\/mac-security-blog\/apple-issues-security-update-for-diginotar-certificate-issue\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.intego.com\/mac-security-blog\/"},{"@type":"ListItem","position":2,"name":"Apple Issues Security Update for DigiNotar Certificate Issue"}]},{"@type":"Article","@id":"https:\/\/www.intego.com\/mac-security-blog\/apple-issues-security-update-for-diginotar-certificate-issue\/#article","isPartOf":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/apple-issues-security-update-for-diginotar-certificate-issue\/#webpage"},"author":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/#\/schema\/person\/d0c16bd0a4dd8f82d91204f400c8d116"},"headline":"Apple Issues Security Update for DigiNotar Certificate Issue","datePublished":"2011-09-09T17:24:40+00:00","dateModified":"2023-04-12T00:51:21+00:00","mainEntityOfPage":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/apple-issues-security-update-for-diginotar-certificate-issue\/#webpage"},"wordCount":203,"commentCount":0,"publisher":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/#organization"},"image":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/apple-issues-security-update-for-diginotar-certificate-issue\/#primaryimage"},"thumbnailUrl":"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2012\/11\/exclamation-point.jpg","keywords":["Apple","DigiNotar","Security Update","TLS\/SSL Certificate","TLS\/SSL Certificates"],"articleSection":["Security &amp; Privacy"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.intego.com\/mac-security-blog\/apple-issues-security-update-for-diginotar-certificate-issue\/#respond"]}]},{"@type":"Person","@id":"https:\/\/www.intego.com\/mac-security-blog\/#\/schema\/person\/d0c16bd0a4dd8f82d91204f400c8d116","name":"Peter James","image":{"@type":"ImageObject","@id":"https:\/\/www.intego.com\/mac-security-blog\/#personlogo","inLanguage":"en-US","url":"https:\/\/secure.gravatar.com\/avatar\/0626bfb4ada576ba5aa775322329ad47?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/0626bfb4ada576ba5aa775322329ad47?s=96&d=mm&r=g","caption":"Peter James"},"url":"https:\/\/www.intego.com\/mac-security-blog\/author\/peter\/"}]}},"jetpack_featured_media_url":"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2012\/11\/exclamation-point.jpg","jetpack_publicize_connections":[],"jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/p4VAYd-QV","amp_enabled":true,"_links":{"self":[{"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/posts\/3281"}],"collection":[{"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/comments?post=3281"}],"version-history":[{"count":1,"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/posts\/3281\/revisions"}],"predecessor-version":[{"id":97691,"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/posts\/3281\/revisions\/97691"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/media\/8975"}],"wp:attachment":[{"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/media?parent=3281"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/categories?post=3281"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/tags?post=3281"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}