Apple users warned over outdated apps in the App Store
Apple Mac users could be using an outdated, vulnerable version of Opera.
According to research by Joshua Long, the Apple Mac Store is not alerting users to security risks who may continue to use an unsafe version of the Opera browser.
Opera released a fix for a ‘critical' security issue recently but version 11.0.1, released back in March that is vulnerable to the security bug patched in 11.11, could still be used. Long said: “Users who rely on the App Store to tell them whether their software is up-to-date may not be aware of the security risks and may continue to use an unsafe version of the Opera browser.
“I have notified Apple and Opera about this issue. An Opera representative acknowledged that ‘we are waiting for the App store to approve the next version of Opera for Mac. For now the only solution is to go to www.opera.com/download'.”
In a blog, Long also claimed that the current version of Amazon's Kindle app is 1.5.1, while the version in the App Store is still 1.2.3, which was released in January. “Amazon does not publicly disclose its changelog, so there is no easy way to know whether any security issues exist in Kindle for Mac version 1.2.3”, he said.
He recommended dragging an outdated app from your applications folder into the Trash (which will require an administrator password due to the way the App Store installs apps), then drag the current version of the application from the developer's website into the applications folder.
Graham Cluley, senior technology consultant at Sophos, said: “Put in simple terms, Apple seems to be falling short of the promise it makes in its promotion of the App Store that it ‘keeps track of your apps and tells you when an update is available' and that ‘you'll always have the latest version of every app you own'.
“So the key question is, how quickly is Apple going to approve the latest Opera update and other software which might have been updated to secure against critical security vulnerabilities, for the App Store?
“Because if Apple can't update software containing critical security patches to the App Store in a timely fashion, users might be wiser getting their software via a more conventional route.”