We have released updates to Nisus Writer Express, Nisus Writer Pro, and InfoClick. There are bug fixes and enhancements, but there is also a security update that should be explained.
We use an automatic update framework called Sparkle, which is used by many developers to keep your applications up to date. A few weeks ago a potential security risk was found in this framework. The details can be found in this iMore article, but to summarize the problem is applications using the Sparkle framework are potentially vulnerable to “man in the middle” attacks.
To eliminate this potential security problem in our apps we have updated the Sparkle framework to the latest version. We have also added https to our website to ensure communication between our apps and our website is secure.
While the risk of this vulnerability actually affecting users is low, there is still risk. Updating the framework and adding https across our site eliminates this vulnerability.