Using Cricut Design Space porblems with malware and third parter certificate

I cannot use my Cricut Design Space app. Their website says...



We found a malicious self-signed root certificate authority called "Apple" which is being trusted by the system. A list of certificates can be found in Keychain Access > Systems.


They say to open Safari got to google. com and check the certificate. If it shows what's in the attached pic then there's a problem and to contact Apple support.



I need to know how to get rid of this please.

MacBook Pro 15″, macOS 10.14

Posted on Dec 24, 2022 10:59 AM

Reply
7 replies

Dec 24, 2022 11:37 AM in response to FabCrafts

<< We found a malicious self-signed

root certificate authority called "Apple" which is being trusted by the system. >>


Certificates are stored in your keychain, and managed by the Utility named "Keychain Access".

You should find it in your /Applications/Utilities folder, or by typing keychain access name into a spotlight window.


when keychain access window opens, type Apple in the keychain access search bar, and click on certificates.


DO NOT DELETE these pre-installed, Pre-Trusted Root and related Apple certificates, if so equipped. Deleting them is like deleting the beating heart of MacOS, and a system re-Install WILL be required.



But if you find a self-signed certificate named Apple that does not resemble the ones above, it may be malware. If not sure, post back with its information.







Dec 24, 2022 07:16 PM in response to FabCrafts

All those Apple items look like junk, and the ones you must not touch would all be labeled "System Root" -- which is none of those.


Most suspicious is the one that appears to be "Trusted" by having a blue plus sign on it.

select one of those and see what is says about Trust.


Remember that REAL Apple certificates are never "self-signed" -- they are always based on a a real certificate authority.

Dec 25, 2022 09:36 AM in response to FabCrafts

You can delete any of those Apple certificates if they say self-signed, they are definitely bogus.

Apple uses its own Certificate Authority -- it never uses self-signed certificates.


--------

Just as general caution, does not apply to these: Never delete anything that says it is a 'System Root' certificate (none of the ones you are showing). 'System Root' certificates are pre-Trused and installed when you install MacOS.

This thread has been closed by the system or the community team. You may vote for any posts you find helpful, or search the Community for additional answers.

Using Cricut Design Space porblems with malware and third parter certificate

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple Account.