New Vulnerability Affects Third-Party Mac Apps
Along with a flawed Sparkle version, vulnerable apps must also be running an unencrypted HTTP channel to receive software updates from offsite servers. Nefarious users capable of capturing network traffic, perhaps over an unsecured Wi-Fi connection, can leverage the Sparkle exploit to run malicious code remotely on a target computer.
It is already confirmed that the exploit affects apps on OS X Yosemite and OS X El Capitan, so if you have this version of Apple’s operating system installed on your computer, be careful.
Apple is reportedly aware of the issue, but so far hasn’t commented on it.
Follow us on