Data Security, Encryption, Patch/Configuration Management, Vulnerability Management

Latest Mac OS X update locks out some PGP users

A massive security update from Apple this week fixed more than 130 security flaws in its Mac OS X operating system, but it left users of PGP's Whole Disk Encryption (WDE) product unable to reboot their computers.

PGP users first started noting problems about the update, Mac OS X 10.6.5, shortly after it was released on Wednesday.

Symantec, which now owns PGP, first issued an alert about the issue on Wednesday, warning PGP WDE users to not apply the update. Symantec said the problem was the result of “compatibility issues.”

The update included a new boot file that overwrites the previous edition of the file used by PGP WDE, a Symantec spokeswoman said in a statement to SCMagazineUS.com on Friday. The new file causes user machines to skip a preboot authentication step and results in the disk not being unlocked prior to boot, subsequently preventing the system from booting.

If the update to OS X 10.6.5 has already been made and the machine fails to boot, the data on the machine is not lost, however, Symantec said. 

The company issued a fix for affected users that involves booting into OS X from the PGP recovery CD. WDE users who have not yet applied the OS X update can safely do so by decrypting the system first, then applying the update, then re-encrypting the system. 

“This appears to be the first time Apple has modified boot.efi in a minor update, and Symantec is adjusting test procedures accordingly to help avoid this issue in the future,” Symantec said in a statement. 

However, many users have criticized the encryption provider for failing to warn users about the compatibility issues, especially since test versions of the 10.6.5 update have been available to developers for several months.

The update from Apple fixed approximately 80 vulnerabilities in Mac OS X "Snow Leopard" and dozens of other flaws affecting the Flash Player plug-in.

Many of the vulnerabilities could be exploited by an attacker to run malicious code on a user's system.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.