OpenAI 披露其使用的第三方开发库 Axios 存在安全漏洞,该问题属于近期行业安全事件的一部分。官方强调目前没有证据表明用户数据遭窃取、内部系统被入侵或软件遭到篡改。出于预防考虑,OpenAI 正在更新 macOS 应用的数字签名认证机制,要求所有 macOS 用户尽快将应用升级至最新版本,以防范潜在的假冒应用风险。用户可通过应用内更新或官网链接完成升级。
We recently identified a security issue involving the third-party developer library Axios that was part of a broader industry incident. We found no evidence that OpenAI user data was accessed, that our systems were compromised, or that our software was altered.
Out of an abundance of caution we are taking steps to protect the process that certifies our macOS applications are legitimate OpenAI apps.
We are updating our security certifications, which will require all macOS users to update their OpenAI apps to the latest versions. This helps prevent any risk-however unlikely-of someone attempting to distribute a fake app that appears to be from OpenAI. You can update safely through an in-app update or at the official links below. 🧵