Close Menu
GeekBlog

    Subscribe to Updates

    Get the latest creative news from FooBar about art, design and business.

    What's Hot

    ‘Apple must do this, Apple will do this’ – Tim Cook rallies staff in face of AI delays

    August 3, 2025

    NASA’s latest mission to the ISS features a bacterial experiment

    August 3, 2025

    Best Outdoor Games for 2025

    August 3, 2025
    Facebook X (Twitter) Instagram Threads
    GeekBlog
    • Home
    • Mobile
    • Reviews
    • Tech News
    • Deals & Offers
    • Gadgets
      • How-To Guides
    • Laptops & PCs
      • AI & Software
    • Blog
    Facebook X (Twitter) Instagram
    GeekBlog
    Home»Gadgets»Microsoft Uncovers Security Flaw In macOS Spotlight That Could Leak Private Data
    Gadgets

    Microsoft Uncovers Security Flaw In macOS Spotlight That Could Leak Private Data

    Michael ComaousBy Michael ComaousAugust 1, 20251 Comment2 Mins Read0 Views
    Share Facebook Twitter Pinterest LinkedIn Tumblr Email Copy Link
    Microsoft Uncovers Security Flaw In macOS Spotlight That Could Leak Private Data
    Share
    Facebook Twitter LinkedIn Pinterest Email Copy Link

    Microsoft’s Threat Intelligence team has identified a now-fixed security vulnerability in Apple’s macOS Spotlight search tool that could have allowed unauthorized access to sensitive user data. The issue, internally dubbed “Sploitlight”, stemmed from how Spotlight handled plugin files and potentially bypassed Apple’s privacy protection framework known as Transparency, Consent, and Control (TCC).

    The flaw made it possible for attackers to exploit Spotlight’s plugin system—components that normally help index app content for search and are confined within a sandbox environment. However, Microsoft’s researchers discovered a method to manipulate these plugins to gain access to cached data generated by Apple’s AI features.

    If exploited, the vulnerability could have exposed a wide range of private information, including:

    • Precise location data

    • Photo and video metadata

    • Facial recognition data from the Photos app

    • Search history

    • Summaries generated by AI tools, such as email content

    • User preferences and settings

    Despite the serious implications, Microsoft confirmed that the vulnerability was not actively exploited. Following responsible disclosure practices, the company reported its findings to Apple, which quickly addressed the issue.

    Apple released a fix as part of macOS 15.4 and iOS 18.4, both rolled out on March 31. According to Apple’s security documentation, the patch involved improving how the system handles certain types of data, helping to ensure stricter control over plugin behavior. Alongside the Spotlight fix, Apple also resolved two additional vulnerabilities reported by Microsoft—one related to symbolic link validation and another involving system state management.

    This incident underscores the importance of cross-company collaboration in addressing emerging security threats, especially as platforms continue to integrate AI and machine learning features. It also highlights the value of regular system updates, as many vulnerabilities are addressed quietly behind the scenes.

    For end users, no action is needed beyond ensuring that devices are up to date. The issue has been resolved, and Apple’s rapid response prevented the vulnerability from being weaponized in real-world attacks.

    Filed in Apple >Computers. Read more about Apple, Cybersecurity, macOS, Microsoft, Privacy and Security.

    Data Flaw leak macOS Microsoft Private Security Spotlight Uncovers
    Follow on Google News Follow on Flipboard
    Share. Facebook Twitter Pinterest LinkedIn Tumblr Telegram Email Copy Link
    Previous ArticleTools and Accessories Deals at Lowe’s: Up to 30% off
    Next Article Could this be our first look at the iPhone 17 Pro?
    Michael Comaous
    • Website

    Related Posts

    6 Mins Read

    Best Outdoor Games for 2025

    3 Mins Read

    Security expert warns: don’t list defense work on LinkedIn – or you could be at risk of getting hacked

    7 Mins Read

    Best Fitness Trackers (2025), Tested and Reviewed

    3 Mins Read

    Flawed Tests on Earth May Explain Why NASA’s Rovers Get Stuck on Mars

    3 Mins Read

    BORNTOSTANDOUT launches the refined Eau Intimité collection of fragrances

    5 Mins Read

    4 reasons why I use a privacy browser (and why you should too)

    Top Posts

    30-Year Fixed-Rate Mortgage Decreases: Mortgage Interest Rates Today for Aug. 1, 2025

    August 1, 202510 Views

    Are There Cordless Vacuums With Replaceable Batteries?

    July 1, 20259 Views

    Deal: Netgear 4G LTE Broadband Modem is just $19.99!

    August 1, 20256 Views
    Stay In Touch
    • Facebook
    • YouTube
    • TikTok
    • WhatsApp
    • Twitter
    • Instagram
    Latest Reviews

    Subscribe to Updates

    Get the latest tech news from FooBar about tech, design and biz.

    Most Popular

    30-Year Fixed-Rate Mortgage Decreases: Mortgage Interest Rates Today for Aug. 1, 2025

    August 1, 202510 Views

    Are There Cordless Vacuums With Replaceable Batteries?

    July 1, 20259 Views

    Deal: Netgear 4G LTE Broadband Modem is just $19.99!

    August 1, 20256 Views
    Our Picks

    ‘Apple must do this, Apple will do this’ – Tim Cook rallies staff in face of AI delays

    August 3, 2025

    NASA’s latest mission to the ISS features a bacterial experiment

    August 3, 2025

    Best Outdoor Games for 2025

    August 3, 2025

    Subscribe to Updates

    Get the latest creative news from FooBar about art, design and business.

    Facebook X (Twitter) Instagram Pinterest Threads
    • About Us
    • Contact us
    • Privacy Policy
    • Disclaimer
    • Terms and Conditions
    © 2025 geekblog. Designed by Pro.

    Type above and press Enter to search. Press Esc to cancel.