macOS Spotlight Vulnerability Discovered by Microsoft

Microsoft Threat Intelligence found a Spotlight-related vulnerability that could allow attackers to steal private file data, outlining the issue in a blog post today. Microsoft's threat team is calling the exploit "Sploitlight" because it uses Spotlight plugins.

According to Microsoft, the vulnerability is a Transparency, Consent, and Control (TCC) bypass that can leak sensitive info cached by Apple Intelligence. Attackers could have used it to get precise location data, photo and video metadata, face recognition data from the Photo Library, search history, AI email summaries, user preferences, and more.

TCC is designed to keep apps from accessing personal information without user consent. Spotlight plugins, which let an app's files appear in search results, are sandboxed by Apple and heavily restricted from accessing sensitive files, but Microsoft found a way around that: its researchers modified the app bundles that Spotlight indexes so that file contents leaked.

Microsoft shared details of the bypass with Apple, and Apple addressed the issue in macOS 15.4 and iOS 15.4, updates that came out on March 31. The vulnerability was never actively exploited, because Apple was able to fix it before it was disclosed.
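For readers who want to confirm where their own Macs stand, the following shell script is an added example (it is not code from the article or from Microsoft's write-up). It compares the running macOS version against the 15.4 release the article names as carrying the fix, and lists the Spotlight importer plugins loaded from outside /System, which is the plugin class the bypass involved. The version number comes from the article; `sw_vers` and `mdimport -L` are Apple's own tools and only run on macOS, so the script reports "skipped" elsewhere. The version comparison is general and works for any dotted version pair, not just 15.4.

```shell
#!/bin/sh
# Added defender-side check (not from the article or Microsoft's write-up).
# Assumption: the fixed release is macOS 15.4, as stated in the article.
FIXED_VERSION="15.4"

# version_ge A B: exit 0 if dotted version A >= B, comparing numerically
# component by component ("15.4" == "15.4.0", "15.4.1" > "15.4").
version_ge() {
    a=$(printf '%s' "$1" | tr -cd '0-9.')   # drop suffixes such as " beta"
    b=$(printf '%s' "$2" | tr -cd '0-9.')
    i=1
    while :; do
        pa=$(printf '%s' "$a" | cut -d. -f"$i")
        pb=$(printf '%s' "$b" | cut -d. -f"$i")
        [ -z "$pa" ] && [ -z "$pb" ] && return 0   # all components equal
        pa=${pa:-0}; pb=${pb:-0}
        [ "$pa" -gt "$pb" ] && return 0
        [ "$pa" -lt "$pb" ] && return 1
        i=$((i + 1))
    done
}

# is_patched VERSION: exit 0 when VERSION already contains the fix.
is_patched() {
    version_ge "$1" "$FIXED_VERSION"
}

# report_patch_status: reads the live macOS version with sw_vers (Apple tool).
# Exit 0 = patched, 1 = update needed, 2 = not a Mac, check does not apply.
report_patch_status() {
    if ! command -v sw_vers >/dev/null 2>&1; then
        echo "not macOS: patch check skipped"
        return 2
    fi
    v=$(sw_vers -productVersion)
    if is_patched "$v"; then
        echo "macOS $v: at or above $FIXED_VERSION, Spotlight TCC fix present"
    else
        echo "macOS $v: below $FIXED_VERSION, update recommended"
        return 1
    fi
}

# list_third_party_importers: `mdimport -L` prints the paths of every
# Spotlight importer bundle (*.mdimporter) Spotlight has loaded; filtering
# out /System/Library leaves the app-supplied plugins worth reviewing.
list_third_party_importers() {
    if ! command -v mdimport >/dev/null 2>&1; then
        echo "mdimport not available: importer inventory skipped"
        return 2
    fi
    mdimport -L 2>/dev/null | grep '\.mdimporter' | grep -v '/System/Library/'
}

# Run both checks when executed directly; harmless on non-macOS hosts.
report_patch_status || true
list_third_party_importers || true
```

Run it as a normal user on each Mac in the fleet; a non-zero exit from `report_patch_status` flags a machine still on a pre-15.4 build, and the importer list is a starting point for reviewing which third-party apps ship Spotlight plugins.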

Apple's security support document for the update said that the problem was addressed through improved data redaction. Apple fixed two other vulnerabilities that were credited to Microsoft at the same time with improved validation of symlinks and improved state management.

Full information on how the exploit worked can be found on Microsoft's website.


Top Rated Comments

Roller
7 months ago
I don't often complain about headlines here, but unless I'm missing something, this one strikes me as misleading. I read it and the article thinking that this was a new, unaddressed vulnerability, only to find that it was taken care of by Apple a few months ago.
Score: 22 Votes
carswell
7 months ago
Another reason to turn off Apple "Intelligence"! /s
Score: 13 Votes
Jerry Fritschle
7 months ago
Nice to know, but a click-baity headline. Skimmers will assume this is active.
Score: 11 Votes
johannnn
7 months ago
What's the news here? Every .x update includes security patches. And this was a .x release back in March lol
Score: 10 Votes
urmaster
7 months ago
I don't often complain about headlines here, but unless I'm missing something, this one strikes me as misleading. I read it and the article thinking that this was a new, unaddressed vulnerability, only to find that it was taken care of by Apple a few months ago.
I guess Microsoft followed responsible disclosure methods so it's quite right that we're only hearing about it after the patch is widely deployed.
Score: 7 Votes
goonie4life9
7 months ago
Not to worry, everyone, because Apple was able to fix this before it ever affected a single customer. Apple was able to do this because of their best-in-class privacy, which only Apple can provide!
Score: 5 Votes