3 Sources
[1]
macOS Spotlight Vulnerability Discovered by Microsoft
Microsoft Threat Intelligence found a Spotlight-related vulnerability that could allow attackers to steal private file data, outlining the issue in a blog post today. Microsoft's threat team is calling the exploit "Sploitlight" because it uses Spotlight plugins. According to Microsoft, the vulnerability is a Transparency, Consent, and Control (TCC) bypass that can leak sensitive info cached by Apple Intelligence. Attackers could have used it to get precise location data, photo and video metadata, face recognition data from the Photo Library, search history, AI email summaries, user preferences, and more. TCC is designed to keep apps from accessing personal information without user consent. Spotlight plugins that allow app files to appear in search are sandboxed by Apple and heavily restricted from accessing sensitive files, but Microsoft found a way around that. Microsoft researchers tweaked the app bundles that Spotlight pulls in, leaking file contents. Microsoft shared details of the bypass with Apple, and Apple addressed the issue in macOS 15.4 and iOS 15.4, updates that came out on March 31. The vulnerability was never actively exploited, because Apple was able to fix it before it was disclosed. Apple's security support document for the update said that the problem was addressed through improved data redaction. Apple fixed two other vulnerabilities that were credited to Microsoft at the same time with improved validation of symlinks and improved state management. Full information on how the exploit worked can be found on Microsoft's website.
[2]
Microsoft calls out Apple Intelligence AI security flaw which could have let hackers steal private data
Microsoft has revealed details of a security vulnerability in macOS which allowed threat actors to steal sensitive information from the Apple Intelligence AI tool. In a blog post, Microsoft said it found a bug that bypasses Transparency, Consent, and Control (TCC) mechanisms found on macOS devices. TCC is a security and privacy framework that restricts access to sensitive user data and system features. The bug, tracked as CVE-2025-31199, could allow hackers to access files in the Downloads folder, as well as caches utilized by Apple Intelligence. Microsoft dubbed the vulnerability "Sploitlight" since it abuses Spotlight plugins, but says it is more dangerous than previous TCC bypasses such as HM-Surf, or powerdir. "The implications of this vulnerability are more severe due to its ability to extract and leak sensitive information cached by Apple Intelligence, such as precise geolocation data, photo and video metadata, face and person recognition data, search history and user preferences, and more," Microsoft explained. "These risks are further complicated and heightened by the remote linking capability between iCloud accounts, meaning an attacker with access to a user's macOS device could also exploit the vulnerability to determine remote information of other devices linked to the same iCloud account." Spotlight plugins are used to index files for macOS search. Despite these plugins running in a sandboxed environment, they still have privileged access to scanned files, meaning attackers can modify plugin metadata to target specific file types. By logging file contents during indexing, attackers can exfiltrate data without needing TCC permissions. Apple says it fixed the flaw in March 2025, through patches for macOS Sequoia 15.4. On NVD, the patch is described as providing "improved data redaction". Microsoft said that Defender for Endpoint now detects "suspicious" .mdimporter installations, and unusual indexing of sensitive directories.
[3]
Microsoft finds a major privacy flaw in Apple's Spotlight search
The exploit leveraged Spotlight search plugins to circumvent Apple's Transparency, Consent, and Control (TCC) framework, potentially exposing data cached by Apple Intelligence. Microsoft Threat Intelligence identified a Spotlight-related vulnerability, dubbed "Sploitlight," a Transparency, Consent, and Control (TCC) bypass capable of leaking sensitive data cached by Apple Intelligence. This vulnerability, detailed in a Microsoft blog post, leveraged Spotlight plugins to potentially expose private file data. TCC mechanisms are designed to prevent applications from accessing personal information without explicit user consent. The "Sploitlight" exploit circumvented these controls, allowing for unauthorized access to sensitive user data. Attackers could have acquired precise location data, metadata from photos and videos, face recognition data from the Photo Library, user search histories, AI email summaries, and user preferences. Despite Apple's sandboxing of Spotlight plugins, which typically restrict access to sensitive files, Microsoft researchers discovered a method to manipulate app bundles pulled by Spotlight, leading to the leakage of file contents. Microsoft communicated the bypass details to Apple. Apple subsequently addressed the vulnerability in macOS 15.4 and iOS 15.4, updates released on March 31. The vulnerability was not actively exploited prior to its disclosure and resolution. Apple's security support documentation for the update indicated that the problem was resolved through improved data redaction. Concurrently, Apple addressed two other vulnerabilities, also credited to Microsoft, by enhancing symlink validation and improving state management. Comprehensive information regarding the exploit's mechanics is available on Microsoft's official website.
Microsoft's Threat Intelligence team discovered a significant security flaw in Apple's macOS Spotlight search, potentially exposing sensitive AI-cached data. The vulnerability, dubbed "Sploitlight," has since been patched by Apple.
Microsoft's Threat Intelligence team has discovered a significant security vulnerability in Apple's macOS operating system, potentially exposing sensitive data cached by Apple Intelligence AI. The vulnerability, dubbed "Sploitlight," exploits Spotlight search plugins to bypass Apple's Transparency, Consent, and Control (TCC) framework [1].
Source: MacRumors
The "Sploitlight" exploit, tracked as CVE-2025-31199, allows attackers to circumvent TCC mechanisms designed to restrict access to sensitive user data and system features. By manipulating Spotlight plugins, which are used to index files for macOS search, attackers could potentially access and exfiltrate private information without requiring TCC permissions [2].
The vulnerability could have allowed unauthorized access to a wide range of sensitive information cached by Apple Intelligence, including precise location data, photo and video metadata, face recognition data from the Photo Library, search history, AI email summaries, and user preferences [1].
Microsoft researchers noted that the implications of this vulnerability are more severe than previous TCC bypasses due to its ability to extract and leak sensitive information [3].
Source: TechRadar
The vulnerability's impact is further amplified by the remote linking capability between iCloud accounts. An attacker with access to a user's macOS device could potentially exploit the vulnerability to determine remote information of other devices linked to the same iCloud account [2].
Upon receiving details of the bypass from Microsoft, Apple swiftly addressed the issue in macOS 15.4 and iOS 15.4 updates, released on March 31. The vulnerability was patched before it could be actively exploited [1].
Apple's security support document for the update stated that the problem was addressed through improved data redaction. Additionally, Apple fixed two other vulnerabilities credited to Microsoft by enhancing symlink validation and improving state management [3].
Source: Dataconomy
Microsoft has implemented additional security measures in response to this discovery. Defender for Endpoint now detects "suspicious" .mdimporter installations and unusual indexing of sensitive directories [2].
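The same idea can be applied locally by taking stock of which Spotlight importer bundles are installed and what file types each one claims. The script below is an added example, not Microsoft's or Apple's code: it walks the importer directories, reads each bundle's Info.plist, and flags importers that live in a user-writable location or that claim broad content types. The directory list, the "broad" UTI set, and the three sample bundles it builds in a temp directory are the author's assumptions and constructed data.

```python
# Added example, not Microsoft's or Apple's code. Author's assumptions: the
# *.mdimporter layout (Contents/Info.plist, CFBundleDocumentTypes with
# LSItemContentTypes), the directory list, and which UTIs count as "broad".
import os
import plistlib
import tempfile
from pathlib import Path

SYSTEM_DIRS = ["/System/Library/Spotlight", "/Library/Spotlight"]
USER_DIRS = [os.path.expanduser("~/Library/Spotlight")]  # writable without admin rights
BROAD_UTIS = {"public.item", "public.data", "public.content", "public.text"}


def declared_utis(bundle: Path) -> set:
    """Content types the importer claims to index, read from its Info.plist."""
    plist = bundle / "Contents/Info.plist"
    if not plist.is_file():
        return set()
    with plist.open("rb") as fh:
        docs = plistlib.load(fh).get("CFBundleDocumentTypes", [])
    return {u for doc in docs for u in doc.get("LSItemContentTypes", [])}


def inventory(system_dirs=SYSTEM_DIRS, user_dirs=USER_DIRS) -> list:
    """One record per importer; a user-writable location or a broad UTI => review."""
    out = []
    for dirs, user_writable in ((system_dirs, False), (user_dirs, True)):
        for bundle in sorted(p for d in dirs for p in Path(d).glob("*.mdimporter")):
            utis = declared_utis(bundle)
            broad = sorted(utis & BROAD_UTIS)
            out.append({"bundle": bundle.name, "user_writable": user_writable,
                        "utis": sorted(utis), "broad_utis": broad,
                        "review": user_writable or bool(broad)})
    return out


def write_sample(root: Path, name: str, utis: list) -> None:
    """Constructed sample bundle carrying only the plist keys inspected above."""
    contents = root / name / "Contents"
    contents.mkdir(parents=True)
    doc = {"CFBundleTypeRole": "MDImporter", "LSItemContentTypes": utis}
    with (contents / "Info.plist").open("wb") as fh:
        plistlib.dump({"CFBundleDocumentTypes": [doc]}, fh)


def demo() -> list:
    """Offline run: three constructed bundles under a temp 'system' and 'user' dir."""
    root = Path(tempfile.mkdtemp())
    sys_dir, usr_dir = root / "sys", root / "user"
    write_sample(sys_dir, "Notes.mdimporter", ["com.example.notes"])    # narrow, system-owned
    write_sample(sys_dir, "Grabber.mdimporter", ["public.data"])        # broad claim
    write_sample(usr_dir, "Dropped.mdimporter", ["com.example.notes"])  # user-writable path
    return inventory(system_dirs=[str(sys_dir)], user_dirs=[str(usr_dir)])
```

On a real Mac, calling `inventory()` with its defaults lists the installed importers; a hit on the review flag is a prompt to check the bundle's signature and origin, not proof of abuse.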
This incident highlights the ongoing collaboration between tech giants in identifying and addressing critical security vulnerabilities, ultimately enhancing the safety of users' data across platforms.