‘Huge’ number of Mac apps are vulnerable to man-in-the-middle attacks


Many of OS X’s most popular apps were recently revealed to be vulnerable to man-in-the-middle (MiTM) attacks.

The vulnerability specifically affects apps that use Sparkle, a third-party software update framework, and fetch their updates over unencrypted HTTP connections.

A security engineer from Vulnsec, known as Radek, said the vulnerability works on both El Capitan and its predecessor, Yosemite.

The total number of apps affected isn’t known, but Radek did estimate the number to be “huge.” Some of those confirmed as vulnerable are:

  • Camtasia 2 (v2.10.4)
  • DuetDisplay (v1.5.2.4)
  • uTorrent (v1.8.7)
  • Sketch (v3.5.1)

Additionally, security researcher Jonathan Zdziarski told Ars Technica that the ‘Hopper’ reverse engineering tool and ‘DXO Optics Pro’ are also susceptible.

If you want to see the full list of apps that could be vulnerable to MiTM attacks, there is a list of apps that use Sparkle. Note, however, that not all of these apps communicate over insecure HTTP connections, nor do they all use the same (vulnerable) version of Sparkle.

The popular chat client Adium, for instance, uses Sparkle but communicates over HTTPS.

If you’re running an app that could be vulnerable, the best thing to do is update it immediately. That said, end users have no real way of knowing which apps are vulnerable, and an update will not necessarily fix the problem if the updated app still fetches updates over HTTP and still bundles a vulnerable version of Sparkle.
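One way to check the two conditions the article names on your own machine, added here as an example and not part of the original article: the script below reads Sparkle's SUFeedURL key from each app's Info.plist and flags plain http:// feeds, and reports the version string of the bundled Sparkle.framework so it can be compared against the vendor's fixed release (the article does not state which version that is). The framework path is the assumed standard layout, and the sample bundles are constructed for the demo.

```python
import plistlib
import tempfile
from pathlib import Path

SPARKLE_INFO = Path("Contents/Frameworks/Sparkle.framework/Resources/Info.plist")  # assumed layout

def audit_app(app_path):
    """Report how the .app at app_path fetches updates via Sparkle. Apps that set the feed
    URL in code rather than in Info.plist come back with feed_url=None and need manual review."""
    app = Path(app_path)
    result = {"app": app.name, "feed_url": None, "sparkle_version": None, "insecure_feed": False}
    info = app / "Contents" / "Info.plist"
    if info.is_file():
        with open(info, "rb") as f:
            feed = plistlib.load(f).get("SUFeedURL")
        result["feed_url"] = feed
        # A plain http:// appcast lets anyone on the network path alter what the app downloads.
        result["insecure_feed"] = bool(feed) and feed.lower().startswith("http://")
    fw_info = app / SPARKLE_INFO
    if fw_info.is_file():
        with open(fw_info, "rb") as f:
            result["sparkle_version"] = plistlib.load(f).get("CFBundleShortVersionString")
    return result

def audit_applications(root="/Applications"):
    """Audit every .app directly under root; return only those that show signs of Sparkle."""
    hits = []
    for entry in sorted(Path(root).glob("*.app")):
        r = audit_app(entry)
        if r["feed_url"] is not None or r["sparkle_version"] is not None:
            hits.append(r)
    return hits

def make_fake_app(root, name, feed_url, sparkle_version):
    """Build a minimal constructed .app bundle so the audit can run offline (test data only)."""
    app = Path(root) / name
    (app / SPARKLE_INFO).parent.mkdir(parents=True)
    with open(app / "Contents" / "Info.plist", "wb") as f:
        plistlib.dump({"CFBundleName": name, "SUFeedURL": feed_url}, f)
    with open(app / SPARKLE_INFO, "wb") as f:
        plistlib.dump({"CFBundleShortVersionString": sparkle_version}, f)
    return app

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        make_fake_app(tmp, "PlainHttp.app", "http://updates.example/appcast.xml", "1.0")
        make_fake_app(tmp, "Https.app", "https://updates.example/appcast.xml", "2.0")
        for r in audit_applications(tmp):
            print(r)
```

Point audit_applications() at /Applications (or ~/Applications) for a real scan; an app reported with a plain http:// feed is one to update, or to avoid on untrusted networks until its vendor ships an HTTPS feed.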

Good luck out there.

“Huge” number of Mac apps vulnerable to hijacking, and a fix is elusive [Ars Technica]
