Many of the most popular Mac OS X applications have been discovered recently be vulnerable to man-in-the-middle (MiTM) attacks.
The vulnerability specifically targets apps that use Sparkle – a software update framework third parties – and unencrypted HTTP connections.
A security technician from Vulnsec, known as Radek, reported that vulnerability works both in El Capitan and his predecessor, Yosemite.
The total number of applications affected is not known, but Radek estimates that the number is "huge":
- Camtasia 2 (v2.10.4)
- DuetDisplay (v1.5.2.4)
- uTorrent (V1.8.7)
- Sketch (v3.5.1)
In addition, the security researcher Jonathan Zdziarski told Ars Technica that the reverse engineering tool “Hopper” as well as “DXO Optics Pro” are also vulnerable.
If you want to see the full list of applications that might be vulnerable to MITM attacks, the following link provides a list of applications that use Sparkle.
It is important to note, however, that not all these Mac applications are communicating via unencrypted HTTP connections, and that they do not all use the same (vulnerable) version of Sparkle.
The popular one program for Adium chat, for example, it uses Sparkle but communicates over HTTPS.
If you are running an application that could be vulnerable, the best thing to do is to update it immediately.
See the list
https://github.com/sparkle-project/Sparkle/issues/717
