OpenAI macOS security fix

OpenAI said on April 10 that it is revoking certificates for some macOS apps and forcing updates after finding a security issue in a third-party developer tool. (openai.com) The company said the issue involved Axios, a widely used software component for handling internet requests, and affected the process that proves a Mac app is a legitimate OpenAI app. OpenAI said it found no evidence that user data, internal systems, or intellectual property were accessed. (openai.com) OpenAI said users should update ChatGPT, Codex, and Atlas on macOS to the latest versions released on April 10. Older versions will lose support after May 8, 2026, according to the company and follow-up reporting by Reuters and other outlets. (openai.com) (reuters.com) A software certificate works like a digital passport for an app: it tells macOS who signed the software and whether the operating system should trust it. OpenAI said it is replacing affected certificates “out of an abundance of caution” after the Axios incident. (openai.com) The Axios problem was part of a broader software supply-chain attack disclosed in late March and early April. Microsoft said on March 31 that malicious Axios package versions 1.14.1 and 0.30.4 were published to the npm software registry and connected infected machines to attacker-controlled servers. (microsoft.com) Microsoft attributed the Axios compromise to Sapphire Sleet, a North Korean state actor, and said the malicious packages could deliver remote-access malware on macOS, Windows, and Linux. Elastic said one Axios maintainer account was taken over and two backdoored versions were available for 39 minutes before removal. (microsoft.com) (elastic.co) OpenAI’s disclosure points to a narrower risk than a customer data breach: trust in the app-signing chain used to distribute desktop software. The company said the issue was limited to the certification process for its macOS apps, not to the apps’ code or OpenAI’s production systems. (openai.com) The update warning applies to Mac software, not every OpenAI product. OpenAI’s help center says the ChatGPT macOS app requires macOS 14 and Apple Silicon, and a separate help article says web, Windows, and Android access are not affected by this app-specific support change. (help.openai.com 1) (help.openai.com 2) For Mac users, the practical deadline is May 8. After that date, OpenAI said unsupported older app versions may stop working, even though the company says it found no sign that customer data was exposed. (openai.com)