Apple has patched a serious macOS vulnerability that could have let attackers secretly access files protected by user privacy settings, including sensitive data tied to Apple Intelligence.
Install the latest macOS security update
Install the latest macOS security update
Microsoft’s security team discovered the flaw and published their findings on July 28. The exploit, which they named “Sploitlight,” used Spotlight plugins to bypass macOS’s Transparency, Consent, and Control (TCC) protections.
These controls are supposed to prevent apps from accessing personal data like location, photos, and downloads without user permission.