Apple Inc Laptop In Massive Numbers Vulnerable To Sparkle Updater Hijacking

By Jose de la Cruz | Feb 11, 2016 10:10 PM EST

TEXT SIZE    

An Apple Inc Laptop new vulnerability has recently been discovered. It involves a Sparkle updater. This situation puts huge numbers of Apple Inc laptops at risk for hijacking.

A tool most often used by third-party apps, Sparkle is not actually offered at the Mac App Store. But it allows updates to be advertised to users. The framework of Sparkle is utilized by apps outside of the store in order to speed up software updates.

Among the apps that are at risk for this type of hack are Sketch, uTorrent, Cantasia and DuetDisplay. The attack is both directed to El Capitan and OS X Yosemite.

Sparkle causes vulnerability to the device by allowing an attacker to grab control of another computer or device on the network through a man-in-the-middle attack, according to a blog of Radek, a security researcher.

This type of assault will work once a third party interrupts traffic between a user and a server and then seizes and changes that traffic from the user.

According to Ars Technica, although a big number of Apple Inc apps are at risk, it is hard to estimate precisely which apps that use Sparkle are vulnerable to hijacking. There is a list of apps compiled by GitHub that use Sparkle, however not all the apps listed are using the vulnerable version, and not all of them use non-secured HTTP channels to transfer data.

It seems that apps that were downloaded through the Apple Inc Mac App Store are not vulnerable since the built in software update mechanism of the OS X does not use Sparkle.

At any rate, Sparkle has recently released a fix in the latest version of its updater. However, it may take some time before Mac apps can implement the particular patched framework.

The suggestion of Ars Technica is for affected users to only use unsecured Wi-Fi networks through a VPN, or not to use them altogether.

pre post  |  next post
More Sections