Wednesday, 10 February 2016
Security researchers have identified a flaw with older versions of the software updater Sparkle, used by certain iterations of Mac apps like uTorrent, Camtasia and Sketch that leaves them vulnerable to man-in-the-middle attacks. Attackers can exploit the vulnerability in certain apps that use both the identified versions of Sparkle to send and receive updates, as well as an unencrypted HTTP channel, to install malicious code on your machine. This would typically be done over an unsecured Wi-Fi network and the researchers found this is even the case if you’re using the latest version of Mac OS. A confirmed list of vulnerable apps seen by Ars Technica…
This story continues at The Next Web
