by retx 3800 days ago
With this, updating when the update process itself is vulnerable is "tricky", I know, but you can avoid those nasty things by:

1) Using a secure and, let's say, trusted VPN, so that all your connections are going to be encrypted by default

2) Updating your applications in a trusted environment like your home network

There is only one thing to remember - don’t connect to public Wi-Fi hotspots unless you know what you are doing.

1 comment

A VPN will help, but it only encrypts your connections to the point where your VPN is terminated, then it's off to the wider internet with no encryption. Same, but worse, for your home network. MITM can be done in other ways than hijacking connections on the LAN.

Note that the problem isn't just with the updater, but with the update checker. That means that merely running these apps makes you vulnerable, if you've configured them to automatically check for updates (usually the default). You don't have to actually update, just have an automatic check performed.

To be safe from this, you'll want to disable automatic update checks in the settings for each app. Of course, running the app to do this is dangerous, but the odds of being targeted in this small window are low, especially if you avoid easy targets like public WiFi while doing it. If you want to be extremely paranoid, you can disconnect from the internet first. Once the app makers publish updates, you can update out of band by downloading the new version directly from their web site (over https, hopefully) and then you can safely re-enable automatic update checking.