Many of the most popular Mac OS X apps have recently been discovered to be vulnerable to man-in-the-middle attacks (MiTM).
Η vulnerability it specifically targets applications that use Sparkle – one for mobile devices to report the third-party update framework – and unencrypted HTTP connections.
A security technician from Vulnsec, known as Radek, reported that vulnerability works both in El Capitan and his predecessor, Yosemite.
The total number of applications affected is not known, but Radek estimates that the number is "huge":
- Camtasia 2 (v2.10.4)
- DuetDisplay (v1.5.2.4)
- uTorrent (v1.8.7)
- Sketch (v3.5.1)
Additionally, security researcher Jonathan Zdziarski told Ars Technica that the tool reverse engineering “Hopper” as well as “DXO Optics Pro” are also vulnerable.
If you want to see the full list of applications that might be vulnerable to MITM attacks, the following link provides a list of applications that use Sparkle.
It is important to note, however, that not all these Mac applications are communicating via unencrypted HTTP connections, and that they do not all use the same (vulnerable) version of Sparkle.
The popular Adium chat program, for example, uses Sparkle but communicates via HTTPS.
If you are running an application that could be vulnerable, the best thing to do is to update it immediately.
See the list
https://github.com/sparkle-project/Sparkle/issues/717
