Apple releases update to remove DigiNotar from trusted list


Patched Apple laptopSlightly less than two weeks after the first public signs of DigiNotar being compromised, Apple has revoked their certificates.

The Apple update is available for users of Snow Leopard (10.6) and Lion (10.7), but mysteriously not offered to users of Leopard or earlier versions.

Apple software updateAfter applying the update Mac users should no longer see DigiNotar as a trusted root certificate in the Keychain Access application.

You can check for updates by clicking the Apple logo in the upper-left corner of the screen and choosing Software Update.

If you are running an older Mac you can still protect yourself, but you will need to do it manually. You can follow the excellent instructions posted over at the ps | Enable blog.

Apple (along with Microsoft, Google and RIM) have not released any updates for their mobile platforms.

This is an opportunity for Apple to get ahead of the competition.

It is much easier for Apple to patch iDevices then Google to fix Androids, get the handset makers to apply the fixes and then convince the carriers to deploy the updates.

Apple users should apply this update as soon as they can and hope that the other CAs the hacker is claiming he hacked won’t end up in a similar situation to DigiNotar.