A fraudulent SSL certificate has been issued for some public Web sites belonging to Google by the certificate authority DigiNotar. Although DigiNotar has now revoked the fraudulent certificate, which should protect most users, it’s conceivable that users on a compromised network could be fooled into using a fraudulent Web site masquerading as a Google service. Because the extent of the problem isn’t yet clear, Mozilla has released Firefox 6.0.1 (along with updates to all other currently supported Mozilla software) to revoke trust in the DigiNotar root certificate, which you can also disable manually. There are no other changes, but it’s worth getting the update to avoid potential problems related to the fraudulent certificate. (Free, 28.1 MB, release notes)
Subscribe today so you don’t miss any TidBITS articles!
Every week you’ll get tech tips, in-depth reviews, and insightful news analysis for discerning Apple users. For 28 years, we’ve published professional, member-supported tech journalism that makes you smarter.
Registration confirmation will be emailed to you.