Categories
News OS X security Software Yosemite

Researcher finds Sparkle framework vulnerability, highlights popular apps that could be exploited

Well, this is a mess. A “huge” number of third-party Mac apps are under threat of man-in-the-middle attacks due to a recently discovered vulnerability in Sparkle, an open source framework used to facilitate software updates. The flaw, which centered around a flawed WebKit rendering engine implementation found in certain Sparkle builds, is to blame for […]

Categories
News security Software

Adobe pushes Flash Player 18.0.0.194, cites security vulnerabilities in previous versions

As useful as it may be, Adobe is still putting out fires with Flash Player. The company issued a security update for its Flash Player on OS X, Windows, and Linux. In the bulletin, it cited that this update addresses a critical security vulnerability that could allow an attacker to gain control and take over […]

Categories
News Software

YouTube begins transition from Flash to HTML5, shows signs of the times

It’s been a long time coming, but it looks like Flash is finally on its way out. Or at least YouTube will be helping it on its way out as it converts over to HTML5. Per Macworld, five years after Google introduced HTML5 video as an option on YouTube, Google’s popular video site now defaults […]

Categories
Hardware News security Software

OS X 10.10.2 update to resolve ongoing Thunderbolt vulnerability

If you were looking forward to the next heft Yosemite update, there’s something else to look forward to that will finally secure a vulnerability on the Thunderbolt port. Per AppleInsider and iMore, a Mac hardware vulnerability that has yet to be exploited on a wide scale will reportedly be fixed with Apple’s forthcoming OS X […]

Categories
Hack Hardware News security Thunderbolt

Security researcher demonstrates Thunderbolt firmware hack proof of concept at Chaos Computer Congress

As great as Thunderbolt is, there are vulnerabilities to consider. Per 9to5Mac, a security researcher speaking at the Chaos Computer Congress in Hamburg demonstrated a hack that rewrites an Intel Mac’s firmware using a Thunderbolt device with attack code in an option ROM. Known as Thunderstrike, the proof of concept presented by Trammel Hudson infects […]