Microsoft Uncovers macOS Spotlight Vulnerability That May Expose Private Data
2025-07-29 / Read about 0 minute
Author:小编   

Microsoft's Threat Intelligence Team has identified a Spotlight-related vulnerability in the macOS system, dubbed "Sploitlight." This vulnerability leverages Spotlight plugins, potentially allowing attackers to steal private file data protected by Transparency, Consent, and Control (TCC). This includes files in the Downloads folder and sensitive information cached by Apple Intelligence. Microsoft has promptly reported this vulnerability to Apple, which has addressed it in the macOS Sequoia update released on March 31, 2025, with the vulnerability ID CVE-2025-31199. Microsoft strongly advises macOS users to apply the security update at the earliest convenience.