Applications for Mac were under threat of attack

Computers on OS X is vulnerable, and this was confirmed many times. A new vulnerability, found by researcher in the field of security under the name Radek, could allow attackers to gain access to a huge number of applications installed on our Mac, and use it to attack other computers on the same network. Attack-prone apps for OS X Yosemite and OS X El Capitan.

The vulnerability lies in the Sparkle. For those who don’t know: Sparkle is a tool that is actively used by developers of third-party applications to update product to the latest version. This applies only to those applications that are installed and updated without the help of the Mac App Store. The mechanism of app updates in OS X doesn’t use Sparkle to Update apps from the Apple store.

The vulnerability exists due to the fact that your environment Sparkle Update connect using HTTP instead of secure HTTPS Protocol. Of course, in the first place the information about the vulnerability received the developers. Sparkle has already updated their environment and closed the vulnerability. Many developers are already working on update, but some, such as the creators of the popular player, VLC, has released an updated app using the new environment Sparkle Update.

You may also like...

Leave a Reply

Your email address will not be published. Required fields are marked *