
Even the smartest technology can have its vulnerabilities. Microsoft recently unveiled details about a notable security flaw in Apple’s macOS, one that could have potentially exposed sensitive data cached by Apple Intelligence. Dubbed “Sploitlight,” this vulnerability highlights the constant vigilance needed in the world of cybersecurity.
At its core, “Sploitlight” (tracked as CVE-2025-31199) was a bug that managed to bypass Apple’s Transparency, Consent, and Control (TCC) mechanisms. TCC is essentially macOS’s guard dog. It is designed to restrict apps from accessing private user data and system features without explicit permission. The concern here was that this flaw found a way around that critical safeguard.
Sploitlight, the Apple Intelligence Security Flaw found by Microsoft
So, how did it work? The vulnerability abused Spotlight plugins, which help macOS index your files for search. Even though they run in a sandboxed environment, these plugins have privileged access to the data they scan. Microsoft discovered that attackers could modify the metadata of these plugins. By doing so, they could trick the system into logging sensitive file contents during the indexing process, effectively exfiltrating data without needing any TCC permissions.
The implications were quite serious. Microsoft explained that “Sploitlight” could have allowed hackers to pull a treasure trove of sensitive information from your device. More specifically, we are talking about data cached by Apple Intelligence. This included precise geolocation, photo and video metadata, facial recognition data, your search history, and even user preferences. What made it even more concerning was the potential for attackers to remotely obtain information from other devices linked to the same iCloud account, which raised the possibility of an even greater risk.
Vulnerability already fixed
The good news is that Apple has already addressed this vulnerability. They released patches for macOS Sequoia 15.4 in March 2025, which included “improved data redaction” to fix this flaw. Microsoft, whose security researchers discovered the issue, has also updated its Defender for Endpoint to detect any suspicious installations related to this method.
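For defenders who want to see which Spotlight plugins are installed for a user and what file types each one asks to index, here is a small inventory script. It is an added example, not code from Microsoft or Apple. It assumes details the article does not name: that plugins are ".mdimporter" bundles under ~/Library/Spotlight and that the metadata in question is the bundle's Info.plist. The function names and flag labels are hypothetical.

```python
import plistlib
import time
from pathlib import Path
from xml.parsers.expat import ExpatError

# Assumption: per-user Spotlight importer directory on macOS.
USER_IMPORTER_DIR = Path.home() / "Library" / "Spotlight"

def declared_types(info):
    """Content types (UTIs) the importer's Info.plist asks Spotlight to hand it."""
    types = set()
    for doc in info.get("CFBundleDocumentTypes", []):
        if isinstance(doc, dict):
            types.update(doc.get("LSItemContentTypes", []))
    return sorted(types)

def audit_importers(root=USER_IMPORTER_DIR, recent_days=30, now=None):
    """Return one finding dict per *.mdimporter bundle found under root."""
    now = time.time() if now is None else now
    findings = []
    if not root.is_dir():
        return findings
    for bundle in sorted(root.glob("*.mdimporter")):
        contents = bundle / "Contents"
        plist_path = contents / "Info.plist"
        finding = {"bundle": bundle.name, "bundle_id": "", "types": [], "flags": []}
        findings.append(finding)
        try:
            with plist_path.open("rb") as fh:
                info = plistlib.load(fh)
            if not isinstance(info, dict):
                raise ValueError("top-level plist object is not a dictionary")
        except (OSError, ValueError, ExpatError):
            finding["flags"].append("unreadable-info-plist")
            continue
        finding["bundle_id"] = info.get("CFBundleIdentifier", "")
        finding["types"] = declared_types(info)
        # Heuristic only: a signed bundle carries _CodeSignature/CodeResources.
        # On a Mac, confirm with `codesign --verify` before drawing conclusions.
        if not (contents / "_CodeSignature" / "CodeResources").is_file():
            finding["flags"].append("no-code-signature")
        if now - plist_path.stat().st_mtime < recent_days * 86400:
            finding["flags"].append("recently-modified")
    return findings

if __name__ == "__main__":
    for f in audit_importers():
        print(f["bundle"], f["bundle_id"], f["types"], f["flags"])
```

A bundle that is flagged is a prompt for review rather than proof of compromise, since legitimate third-party importers can also live in this directory.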
This discovery highlights the importance of keeping your software updated to the latest versions. It’s a clear reminder that even with advanced security frameworks, constant vigilance and collaboration between security researchers and platform developers are crucial to protecting user data in our increasingly interconnected digital world.
The post Microsoft Uncovers Critical Apple Intelligence Security flaw appeared first on Android Headlines.