OSX Sparkle Exploit

There's a lot of stuff going around about the OSX Sparkle Exploit. How to check stuff.

====
There's plenty in the press today about the Sparkle software updater leaving Mac OS X machines open to
man-in-the-middle attacks. Interesting stuff - you can read about it here:

Sparkle software updater leaves 'huge' number of Mac apps open to attack

Fortunately there's a pretty easy way to scan your system for Sparkle-based apps and get their version numbers. I believe anything below 1.13.1 is at risk from the exploit. You can scan your system to get the versions of Sparkle apps using this command from Terminal:

find /Applications/ -path '*Sparkle.framework*/Info.plist' -exec echo {} \; -exec grep -A1 CFBundleShortVersionString '{}' \; | grep -v CFBundleShortVersionString

The output lists the path of each Sparkle Info.plist followed by its version string, so you can see the version numbers and which apps you potentially have to address.
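
A follow-up to the command above, as an added example that is not part of the original post: a shell script that runs the same find pattern and flags each Sparkle copy whose version is below 1.13.1, taking that threshold from the post as given. The function names and the make_sample helper, which builds a constructed test bundle, are made up for this example.

```shell
#!/bin/sh
# Added example (not from the original post): flag Sparkle copies below a threshold.
THRESHOLD="1.13.1"   # the version the post names; treated as given here

# version_lt A B: succeeds when dotted version A is below B (numeric, field by field)
version_lt() {
    awk -v a="$1" -v b="$2" 'BEGIN {
        na = split(a, x, "."); nb = split(b, y, ".")
        n = (na > nb) ? na : nb
        for (i = 1; i <= n; i++) {
            if (x[i] + 0 < y[i] + 0) exit 0
            if (x[i] + 0 > y[i] + 0) exit 1
        }
        exit 1   # equal versions are not "below"
    }' < /dev/null
}

# sparkle_version PLIST: print CFBundleShortVersionString from an XML plist
sparkle_version() {
    grep -A1 '<key>CFBundleShortVersionString</key>' "$1" 2>/dev/null |
        sed -n 's:.*<string>\(.*\)</string>.*:\1:p' | head -n 1
}

# scan_sparkle DIR: print STATUS<TAB>VERSION<TAB>PLIST for each plist found
scan_sparkle() {
    find "$1" -path '*Sparkle.framework*/Info.plist' 2>/dev/null |
    while IFS= read -r plist; do
        ver=$(sparkle_version "$plist")
        if [ -z "$ver" ]; then status=UNKNOWN; ver="-"   # e.g. a binary plist
        elif version_lt "$ver" "$THRESHOLD"; then status=BELOW
        else status=OK
        fi
        printf '%s\t%s\t%s\n' "$status" "$ver" "$plist"
    done
}

# make_sample DIR VERSION APP: build a constructed app bundle for trying the scan
make_sample() {
    d="$1/$3.app/Contents/Frameworks/Sparkle.framework/Versions/A/Resources"
    mkdir -p "$d"
    printf '<plist><dict>\n<key>CFBundleShortVersionString</key>\n<string>%s</string>\n</dict></plist>\n' \
        "$2" > "$d/Info.plist"
}

# Scan the directory given as $1, defaulting to /Applications as in the post
if [ -d "${1:-/Applications}" ]; then
    scan_sparkle "${1:-/Applications}"
fi
```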


