A pair of new security vulnerabilities has been discovered in the framework used by a wide variety of Mac apps leaves them open to Man-in-the-Middle (MitM) attacks.

The framework in question is Sparkle that a large number of third-party OS X apps, including Camtasia, uTorrent, Duet Display and Sketch, use to facilitate automatic updates in the background.

Sparkle is an open source