A framework used by developers to perform software updates in Mac apps has potentially put the users of some popular tools at risk, via a recently discovered flaw. A vulnerability in the Sparkle framework makes apps including Camtasia, uTorrent, and Sequel Pro susceptible to man-in-the-middle attacks, which could lead to the installation of malicious code on the Mac desktop, all without the knowledge of the user.
