Find Out What Mac Apps are Affected Sparkle Vulnerability

Megan Morrone has a very important security tip for all Mac users. There is vulnerability in Mac OS X called Sparkle, which comes from the open source software by the same name that many developers use to facilitate updates on their Mac apps. Affected apps include VLC Media Player, Utorrent, Duet Display, and Sketch. The flaw comes from using a vulnerable version of Sparkle combined with an unencryped HTTP channel.

To find out which apps use Sparkle on your system and the version they are using, open the Terminal, then cut and paste this command into the window:

find /Applications -path '*' -exec echo {} \; -exec grep -A1 CFBundleShortVersionString '{}' \; | grep -v CFBundleShortVersionString

Once you find out which apps are vulnerable, you can uninstall them. If you have a vulnerable app that you don't want to uninstall, it's a good idea to avoid using public Wi-Fi spots.

All Tips posts