A world of hurt after McAfee mistakenly revokes key for signing Mac apps

0
222

Travis Nep Smith A McAfee administrator accidentally revoked the digital key used to certify desktop applications that run on Apple’s OS X platform, creating headaches for customers who want to install or upgrade Mac antivirus products. A certificate revocation list  [CRL] hosted by Apple Worldwide developer servers lists the reason for the cancellation as a “key compromise,” but McAfee officials said they never lost control of the sensitive certificate which is used to prove applications are legitimate releases. The revocation date shows as February 6, meaning that for seven days now, customers have had no means to validate McAfee applications they want to install on Macs. “We were told that as a workaround, we should just allow untrusted certificates until they figure it out,” an IT administrator at a large organization, who asked that he not be identified, told Ars. “They’re telling us to trust untrusted certs, and that definitely puts us at risk.” Read 6 remaining paragraphs | Comments

View the original here:
A world of hurt after McAfee mistakenly revokes key for signing Mac apps

LEAVE A REPLY

Please enter your comment!
Please enter your name here

*

This site uses Akismet to reduce spam. Learn how your comment data is processed.