There is a new kind of security vulnerability that has befallen on a very popular framework used by many of the Mac applications. This vulnerability has the capacity to hijack Sparkle framework. This can even leave the users to open attacks where the attacker can easily alter and relay communication happening between two parties.
All of the popular third party OS X applications like Duet Display, Sketch, UTorrent, Camatasia, etc., use the Sparkle framework. With the hackling of this framework, the attackers can easily get access to user’s account. Sparkle is used by the third party applications to carry out updates in the backdrop automatically.
This Sparkle hijacking can be easily undertaken on Mac computers that are running on an outdated Sparkle version. The issue is due to inappropriate execution of Sparkle updates carried out by the Sparkle developers. The vulnerability gives the wicked user complete control to insert virus codes in the communication that is taking place between the user and the server. The end result will be that the affected Mac system will be in full control of the malicious user.
Users connecting to the internet in public Wi-Fi hotspots must be very careful as the malicious user can easily exploit your system. It is worth mentioning that TorGuard does not use Sparkle framework and hence its OS X app is safe.