Mac users still vulnerable to rogue Google certs

Microsoft on Wednesday (Manila time) issued a patch to protect users of its Windows operating system against rogue security certificates from DigiNotar, even as a computer security firm warned users of Apple’s Mac OS X may still be vulnerable. Redmond-based Microsoft released an update to security advisory 2607712, which permanently removed all five DigiNotar root certificates to the “revoked" certificate store. “It provides protection for all supported versions of Windows (XP, 2003, Vista, 2008, 7 and 2008R2)," Sophos said in a blog post. The patch covers all five root certificates owned by DigiNotar, even as Sophos noted the previous release only blocked two. All Windows users using automatic updates will apply this update and no reboot is required, Sophos added. “Users are no longer presented with a certificate warning, they are prevented from accessing sites with SSL certificates issued by DigiNotar," it said. As for users in the Netherlands, Microsoft has worked with Dutch authorities to delay the rollout of the update until next week’s Patch Tuesday. But Sophos noted Apple users have yet to receive an update as of Wednesday. “Well, apparently they are too busy playing Angry Birds and making pictures in Photoshop to worry about pesky certificate issues. My advice if you run a Mac? Use BootCamp and Windows 7 until Apple decides to provide a patch. Or I guess you could use Firefox or Chrome... your choice," it said. — TJD, GMA News