macrumors bot
Original poster

Microsoft Threat Intelligence found a Spotlight-related vulnerability that could allow attackers to steal private file data, outlining the issue in a blog post today. Microsoft's threat team is calling the exploit "Sploitlight" because it uses Spotlight plugins.

According to Microsoft, the vulnerability is a Transparency, Consent, and Control (TCC) bypass that can leak sensitive info cached by Apple Intelligence. Attackers could have used it to get precise location data, photo and video metadata, face recognition data from the Photo Library, search history, AI email summaries, user preferences, and more.

TCC is designed to keep apps from accessing personal information without user consent. Spotlight plugins that allow app files to appear in search are sandboxed by Apple and heavily restricted from accessing sensitive files, but Microsoft found a way around that. Microsoft researchers tweaked the app bundles that Spotlight pulls in, leaking file contents.

Microsoft shared details of the bypass with Apple, and Apple addressed the issue in macOS 15.4 and iOS 15.4, updates that came out on March 31. The vulnerability was never actively exploited, because Apple was able to fix it before it was disclosed.

Apple's security support document for the update said that the problem was addressed through improved data redaction. Apple fixed two other vulnerabilities that were credited to Microsoft at the same time with improved validation of symlinks and improved state management.

Full information on how the exploit worked can be found on Microsoft's website.

Article Link: macOS Spotlight Vulnerability Discovered by Microsoft
 
Is there a way of identifying all the Spotlight plugins that are installed/in use on my Macs?

I'm not conscious of having installed and allowed any but would be good to be able to look and check.
 
I don't often complain about headlines here, but unless I'm missing something, this one strikes me as misleading. I read it and the article thinking that this was a new, unaddressed vulnerability, only to find that it was taken care of by Apple a few months ago.
I guess Microsoft followed responsible disclosure methods so it's quite right that we're only hearing about it after the patch is widely deployed.
 
And yet Microsoft stores plain screenshots for their Recall feature, which viruses and all sorts of bad actors could have easily exploited? It was only after receiving public backlash that they implemented encryption.

In any case, kudos to them for reporting this vulnerability to Apple first and only disclosing it after the patch had been widely deployed.
 
The vulnerability was never actively exploited, because Apple was able to fix it before it was disclosed.
Nope, on Apple's support page there is no clear statement that this “vulnerability was never actively exploited”.

This vulnerability was accessible and could be exploited by anyone who found it; such vulnerabilities are highly valuable on the black market.
 
And yet Microsoft stores plain screenshots for their Recall feature, which viruses and all sorts of bad actors could have easily exploited? It was only after receiving public backlash that they implemented encryption.

In any case, kudos to them for reporting this vulnerability to Apple first and only disclosing it after the patch had been widely deployed.
From what I understand, the issue with Recall during the preview phase was that screenshots weren’t stored securely. By the time it was officially released, they had fixed the issue by encrypting all the Recall data.

 

I wonder if Apple pays them like they do independent bug and exploit catchers. MS for the win.
 
What's the news here? Every .x update includes security patches. And this was a .x release back in March lol
I think the news is that this vulnerability was found not by a good guy, but by the one who is a nobody and never in the Apple fan bubble.
The biggest enemy, the devil himself, the most destroying company in the world:
Microsoft

BaBummmmmmm!
 
Nope, on Apple's support page there is no clear statement that this “vulnerability was never actively exploited”.

This vulnerability was accessible and could be exploited by anyone who found it; such vulnerabilities are highly valuable on the black market.
Yup. We can't assume the "good guys" were the first to discover this vulnerability.

However it's probably reasonable to assume it was never widely exploited.
 
I don't often complain about headlines here, but unless I'm missing something, this one strikes me as misleading. I read it and the article thinking that this was a new, unaddressed vulnerability, only to find that it was taken care of by Apple a few months ago.
Yes, but that's how the media works. It's important to get your click. Maybe MacRumors editors also get paid per click?
 
Is there a way of identifying all the Spotlight plugins that are installed/in use on my Macs?
I think this was probably the point of the extensive review that Microsoft did of this particular vulnerability, it's marketing for their Endpoint security software (which is now "proactively detecting anomalous .mdimporter bundle installations, alongside any suspicious index of sensitive directories"). To answer the question directly, though:

- Hold down the Option key and choose "Library" from the Finder's Go menu
- Look inside of the Library > Spotlight folder for any *.mdimporter files
- Go to System Settings > General > Login Items & Extensions > Extensions (scroll to the bottom) > Spotlight

You can also run `sfltool dumpbtm` in Terminal and search for "Type: spotlight" to find the Spotlight extensions (e.g. if there might be Spotlight extensions limited to the scope of other user accounts on the system).

Like others noted, though, no, this is not "news", this isn't an unaddressed vulnerability – Microsoft followed responsible disclosure methods and only posted this exposé long after informing Apple, and after Apple had patched the update and even after a reasonable amount of time to give users the opportunity to apply the patch. Or, more cynically, perhaps after the exact amount of time that it took the Endpoint team to add Spotlight importer detection ;)

Regardless, these sorts of analyses are fun to read and insightful. CVE reports are (deliberately) only showing the basics of the vulnerability, they don't aim to show how to exploit a vulnerability. Likewise, Apple's "About the security content of…" documents aren't going to offer enough detail to allow an attacker to immediately exploit the users that haven't yet applied the patch. We don't often get to see how a vulnerability could have been exploited, nor specifically how it was addressed.

In this case, I did find this part very curious:

Note since .mdimporter is an unsigned bundle, an attacker doesn’t even need to recompile to adjust to other file types—they could just modify Info.plist and schema.xml as they see fit. We therefore conclude an attacker can trivially discover and read arbitrary files from sensitive directories normally protected by TCC

Naturally we don't know the full extent of the fix, but Apple notes in the security release notes for 15.4:

Logging

Available for: macOS Sequoia
Impact: An app may be able to access sensitive user data
Description: A logging issue was addressed with improved data redaction.
CVE-2025-31199: Jonathan Bar Or (@yo_yo_yo_jbo) of Microsoft, Alexia Wilson of Microsoft, Christine Fossaceca of Microsoft

So that suggests to me that Apple fixed the logging of data from a legacy Spotlight plugin, but are these unsigned plugins still allowed to read sensitive files (albeit in a very tightly controlled sandbox)? I felt like this was a dangling question at the end of Microsoft's article, only to be answered by their concluding paragraph: You need Microsoft Defender for Endpoint!
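The manual steps in the post above (look in the Spotlight folders for *.mdimporter bundles, then check what is registered) can be scripted. The following is an added example written for this thread; it is not code from Microsoft's write-up, from Apple, or from anyone in the thread. It assumes the standard importer locations (~/Library/Spotlight, /Library/Spotlight, /System/Library/Spotlight, and app bundles under /Applications, which carry importers in Contents/Library/Spotlight), and that each importer's Contents/Info.plist declares a CFBundleIdentifier and, under CFBundleDocumentTypes, the LSItemContentTypes (UTIs) it is handed files for. The review flags mirror what the quoted Microsoft passage highlights: an unsigned or user-writable bundle whose Info.plist can be edited in place, and an importer that claims a catch-all content type and so receives every file Spotlight indexes.

```python
import os
import plistlib
import shutil
import subprocess
from pathlib import Path

# Locations Spotlight scans for importer bundles (assumed standard paths; the
# per-user folder is the one an ordinary process can write to).
DEFAULT_ROOTS = [
    Path.home() / "Library" / "Spotlight",
    Path("/Library/Spotlight"),
    Path("/System/Library/Spotlight"),
    Path("/Applications"),  # app bundles carry importers in Contents/Library/Spotlight
]

# Uniform Type Identifiers that match essentially any file; an importer that
# claims one of these is handed files of every kind Spotlight indexes.
CATCH_ALL_UTIS = {"public.item", "public.data", "public.content"}


def find_importers(roots):
    """Return every *.mdimporter bundle directory beneath the given roots."""
    found = []
    for root in roots:
        root = Path(root)
        if not root.is_dir():
            continue
        for dirpath, dirnames, _files in os.walk(root):
            for name in list(dirnames):
                if name.endswith(".mdimporter"):
                    found.append(Path(dirpath) / name)
                    dirnames.remove(name)  # treat the bundle as a leaf
    return sorted(found)


def signature_status(bundle):
    """'valid' or 'invalid' from codesign, or 'unchecked' where codesign is absent."""
    if shutil.which("codesign") is None:
        return "unchecked"
    result = subprocess.run(
        ["codesign", "--verify", "--deep", "--strict", str(bundle)],
        capture_output=True,
    )
    return "valid" if result.returncode == 0 else "invalid"


def describe_importer(bundle):
    """Read Contents/Info.plist and summarise identity, claimed UTIs and signing."""
    bundle = Path(bundle)
    try:
        with open(bundle / "Contents" / "Info.plist", "rb") as fh:
            plist = plistlib.load(fh)
    except (OSError, plistlib.InvalidFileException) as exc:
        return {"path": str(bundle), "error": str(exc)}
    utis = set()
    for doc_type in plist.get("CFBundleDocumentTypes", []):
        utis.update(doc_type.get("LSItemContentTypes", []))
    return {
        "path": str(bundle),
        "bundle_id": plist.get("CFBundleIdentifier", "<missing>"),
        "content_types": sorted(utis),
        "user_writable": os.access(bundle, os.W_OK),
        "signed": signature_status(bundle),
    }


def review_flags(entry):
    """Reasons a defender would want to look at this importer more closely."""
    if "error" in entry:
        return ["Info.plist unreadable: " + entry["error"]]
    reasons = []
    if entry["signed"] == "invalid":
        reasons.append("code signature missing or invalid")
    if entry["user_writable"]:
        reasons.append("bundle is writable by the current user (Info.plist/schema.xml editable in place)")
    for uti in entry["content_types"]:
        if uti in CATCH_ALL_UTIS:
            reasons.append(f"claims catch-all content type {uti}")
    return reasons


def inventory(roots=None):
    """Describe every importer under roots (default: the standard locations)."""
    return [describe_importer(b) for b in find_importers(roots or DEFAULT_ROOTS)]


if __name__ == "__main__":
    for entry in inventory():
        print(entry["path"])
        print("  id:", entry.get("bundle_id", "?"), " signed:", entry.get("signed", "?"))
        print("  types:", ", ".join(entry.get("content_types", [])) or "(none declared)")
        for reason in review_flags(entry):
            print("  !!", reason)
```

Run it as-is on a Mac and compare the list against `mdimport -L`, which prints the importers Spotlight has actually registered; a bundle that appears in one list but not the other is worth a closer look. On any other OS the signing check reports "unchecked" rather than guessing.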
 