Microsoft calls out Apple Intelligence AI security flaw which could have let hackers steal private data
Apple Intelligence "Sploitlight" flaw was pretty concerning, Microsoft says

- Microsoft finds macOS security bug which could allow threat actors to pull sensitive data from Apple Intelligence
- "Sploitlight" revolves around Spotlight plugins
- It was fixed in macOS Sequoia 15.4, so users should upgrade now
Microsoft has revealed details of a security vulnerability in macOS which allowed threat actors to steal sensitive information from the Apple Intelligence AI tool.
In a blog post, Microsoft said it found a bug that bypasses Transparency, Consent, and Control (TCC) mechanisms found on macOS devices. TCC is a security and privacy framework that restricts access to sensitive user data and system features.
The bug, tracked as CVE-2025-31199, could allow hackers to access files in the Downloads folder, as well as caches utilized by Apple Intelligence. Microsoft dubbed the vulnerability “Sploitlight” since it abuses Spotlight plugins, but says it is more dangerous than previous TCC bypasses such as HM-Surf or powerdir.
"Severe implications"
“The implications of this vulnerability are more severe due to its ability to extract and leak sensitive information cached by Apple Intelligence, such as precise geolocation data, photo and video metadata, face and person recognition data, search history and user preferences, and more,” Microsoft explained.
“These risks are further complicated and heightened by the remote linking capability between iCloud accounts, meaning an attacker with access to a user’s macOS device could also exploit the vulnerability to determine remote information of other devices linked to the same iCloud account.”
Spotlight plugins are used to index files for macOS search. Although these plugins run in a sandboxed environment, they are still granted access to the files they scan, so an attacker can modify a plugin's metadata to declare which file types it handles and thereby target specific files.
By logging file contents during indexing, an attacker can exfiltrate data without ever being granted TCC permissions.
Apple says it fixed the flaw in March 2025 through patches for macOS Sequoia 15.4. On NVD, the patch is described as providing “improved data redaction”. Microsoft said that Defender for Endpoint now detects “suspicious” .mdimporter installations, as well as unusual indexing of sensitive directories.
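Because the flaw hinges on which Spotlight importer bundles are installed and which content types each one declares in its Info.plist, a defender's first step is an inventory of .mdimporter bundles and a triage of where they live and what they claim to index. The script below is an added example written for this article, not Microsoft's detection logic or Apple's code. It parses constructed Info.plist snippets (real importers declare their types under CFBundleDocumentTypes / LSItemContentTypes, but the bundle paths, identifiers and content below are made up for illustration) and flags importers in per-user or third-party directories, or that claim broad public.* content types. On a real Mac you would feed it the Info.plist of each bundle found under /Library/Spotlight and ~/Library/Spotlight, or listed by `mdimport -L`.

```python
"""Triage Spotlight importer (.mdimporter) bundles for a defender's inventory.

Added example: flags importers installed outside Apple's system directory and
importers whose declared content types are broad enough to cover documents
that Spotlight would hand them during indexing.
"""
import plistlib
from dataclasses import dataclass

APPLE_IMPORTER_DIR = "/System/Library/Spotlight/"   # Apple-shipped importers
# UTIs that match large swaths of a user's files rather than one vendor format.
BROAD_UTIS = {"public.item", "public.data", "public.content",
              "public.text", "public.plain-text"}


@dataclass
class Importer:
    path: str
    bundle_id: str
    content_types: tuple


def parse_importer(path: str, info_plist: bytes) -> Importer:
    """Extract bundle id and declared content types from an Info.plist."""
    info = plistlib.loads(info_plist)
    utis = []
    for doc_type in info.get("CFBundleDocumentTypes", []):
        utis.extend(doc_type.get("LSItemContentTypes", []))
    return Importer(path, info.get("CFBundleIdentifier", "<missing>"), tuple(utis))


def triage(imp: Importer) -> list[str]:
    """Return human-readable findings for one importer (empty list = nothing notable)."""
    findings = []
    if imp.path.startswith("/Users/"):
        findings.append("installed in a per-user Spotlight directory (no admin rights needed)")
    elif not imp.path.startswith(APPLE_IMPORTER_DIR):
        findings.append("third-party importer outside the system bundle directory")
    broad = sorted(BROAD_UTIS & set(imp.content_types))
    if broad:
        findings.append("claims to index broad content types: " + ", ".join(broad))
    if not imp.content_types:
        findings.append("declares no content types (malformed or deliberately vague)")
    return findings


def scan(bundles: dict[str, bytes]) -> dict[str, list[str]]:
    """Map each bundle path to its triage findings."""
    return {path: triage(parse_importer(path, plist)) for path, plist in bundles.items()}


def _plist(bundle_id: str, utis: list[str]) -> bytes:
    """Build a minimal Info.plist for the constructed samples below."""
    return plistlib.dumps({
        "CFBundleIdentifier": bundle_id,
        "CFBundleDocumentTypes": [{"LSItemContentTypes": utis}],
    })


# Constructed sample data: paths, identifiers and UTIs are illustrative only.
SAMPLE_BUNDLES = {
    "/System/Library/Spotlight/Image.mdimporter":
        _plist("com.apple.example.image-importer", ["public.image"]),
    "/Library/Spotlight/ExampleNotes.mdimporter":
        _plist("com.example.notes.importer", ["com.example.notes-document"]),
    "/Users/alice/Library/Spotlight/Helper.mdimporter":
        _plist("com.example.helper", ["public.data", "public.text"]),
}


if __name__ == "__main__":
    for path, findings in scan(SAMPLE_BUNDLES).items():
        status = "OK " if not findings else "REVIEW"
        print(f"[{status}] {path}")
        for f in findings:
            print(f"          - {f}")
```

The per-user directory check matters most for this bug class: an importer dropped into ~/Library/Spotlight needs no elevated privileges, yet Spotlight will still pass it the files whose types it declares. Pairing this inventory with the unusual-indexing telemetry the article mentions gives a defender both the static and the behavioural side of the detection.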
Via BleepingComputer
Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.