Apple in macOS 10.15.3 quietly addressed a bug that left some of the text of encrypted emails unencrypted, reports The Verge.

This particular vulnerability was publicized back in November, after IT specialist Bob Gendler found that the snippets.db database file used by a Siri feature to offer up contact suggestions stored encrypted emails in an unencrypted format.

mailencryptionissue

A demonstration from Gendler showing the bug. The image features a private key that has been made unavailable in Mail, rendering the message unreadable. It continues to be available in the database, though.

Gendler reported the bug to Apple in July, but shared details in November after Apple failed to fix it. After the bug was announced to the public, Apple promised that a fix was coming in a future version of macOS.

Only a small number of people were affected by the bug because it required a very specific set of steps to reproduce. It required customers to be using macOS and the Apple Mail app to send encrypted emails. It did not impact those who had FileVault turned on, and a person who wanted to access the information would have also needed to know where in Apple's system files to look and have had physical access to a machine.

Apple didn't mention the bug fix when macOS Catalina 10.15.3 was released last week, but the update does indeed appear address the issue, Gendler told The Verge.

According to Gendler, macOS Catalina 10.15.3 prevents encrypted emails from appearing in Spotlight searches, and the database file that used to include encrypted emails no longer does so.

Top Rated Comments

Analog Kid Avatar
Analog Kid
55 months ago

This must be untrue, these things only happen to evil Google, Microsoft or Android.
Can you find me a quote of anyone saying this?
Score: 1 Votes (Like | Disagree)
kylelerner Avatar
kylelerner
55 months ago
Narwhals always have a point.
Score: 1 Votes (Like | Disagree)
Analog Kid Avatar
Analog Kid
55 months ago

Just read yesterday's publication (or from two days ago) regarding a vulnerability in Google, you will find plenty of those messages.
Then it should be easy to quote one.

“Find the publication in the last few days” isn’t a proper citation. I’ve no idea what you’re talking about.
Score: 1 Votes (Like | Disagree)
GeoStructural Avatar
GeoStructural
55 months ago
This must be untrue, these things only happen to evil Google, Microsoft or Android.
Score: 1 Votes (Like | Disagree)
Read All Comments

Popular Stories

iPhone 15 Pro FineWoven

Apple Reportedly Stops Production of FineWoven Accessories

Sunday April 21, 2024 6:03 am PDT by
Apple has stopped production of FineWoven accessories, according to the Apple leaker and prototype collector known as "Kosutami." In a post on X (formerly Twitter), Kosutami explained that Apple has stopped production of FineWoven accessories due to its poor durability. The company may move to another non-leather material for its premium accessories in the future. Kosutami has revealed...
Read Full Article432 comments
maxresdefault

Apple Announces 'Let Loose' Event on May 7 Amid Rumors of New iPads

Tuesday April 23, 2024 7:11 am PDT by
Apple has announced it will be holding a special event on Tuesday, May 7 at 7 a.m. Pacific Time (10 a.m. Eastern Time), with a live stream to be available on Apple.com and on YouTube as usual. The event invitation has a tagline of "Let Loose" and shows an artistic render of an Apple Pencil, suggesting that iPads will be a focus of the event. Subscribe to the MacRumors YouTube channel for more ...
Read Full Article228 comments
iOS 17 All New Features Thumb

iOS 17.5 Will Add These New Features to Your iPhone

Sunday April 21, 2024 3:00 am PDT by
The upcoming iOS 17.5 update for the iPhone includes only a few new user-facing features, but hidden code changes reveal some additional possibilities. Below, we have recapped everything new in the iOS 17.5 and iPadOS 17.5 beta so far. Web Distribution Starting with the second beta of iOS 17.5, eligible developers are able to distribute their iOS apps to iPhone users located in the EU...
Read Full Article
Apple Vision Pro Dual Loop Band Orange Feature 2

Apple Cuts Vision Pro Shipments as Demand Falls 'Sharply Beyond Expectations'

Tuesday April 23, 2024 9:44 am PDT by
Apple has dropped the number of Vision Pro units that it plans to ship in 2024, going from an expected 700 to 800k units to just 400k to 450k units, according to Apple analyst Ming-Chi Kuo. Orders have been scaled back before the Vision Pro has launched in markets outside of the United States, which Kuo says is a sign that demand in the U.S. has "fallen sharply beyond expectations." As a...
Read Full Article286 comments
Provenance Emulator

PlayStation and SEGA Emulator for iPhone and Apple TV Coming to App Store [Updated]

Friday April 19, 2024 8:29 am PDT by
The lead developer of the multi-emulator app Provenance has told iMore that his team is working towards releasing the app on the App Store, but he did not provide a timeframe. Provenance is a frontend for many existing emulators, and it would allow iPhone and Apple TV users to emulate games released for a wide variety of classic game consoles, including the original PlayStation, SEGA Genesis,...
Read Full Article181 comments
apple vision pro orange

Apple Vision Pro Customer Interest Dying Down at Some Retail Stores

Monday April 22, 2024 2:12 am PDT by
Apple Vision Pro, Apple's $3,500 spatial computing device, appears to be following a pattern familiar to the AR/VR headset industry – initial enthusiasm giving way to a significant dip in sustained interest and usage. Since its debut in the U.S. in February 2024, excitement for the Apple Vision Pro has noticeably cooled, according to Bloomberg's Mark Gurman. Writing in his latest Power On...
Read Full Article337 comments