Particle.news

Sploitlight Exploit Goes Public, Security Teams Press for Patch Reviews

Experts urge users to verify March security updates on their Apple devices after Microsoft’s full disclosure of a Spotlight plugin bypass that exposed Apple Intelligence metadata.

[Image: Pizza photos in iPhone Spotlight Search]

Overview

  • Microsoft published its full technical report on Sploitlight on July 28, detailing how specially crafted Spotlight importers bypass Apple’s Transparency, Consent, and Control (TCC) framework.
  • The flaw, tracked as CVE-2025-31199, could have leaked precise geolocation data, media metadata, face-recognition tags, AI email summaries and other Apple Intelligence caches across iCloud-linked devices.
  • Apple pre-emptively patched the vulnerability in macOS Sequoia 15.4 and iOS 15.4 on March 31, preventing any known exploitation in the wild.
  • Security teams advise macOS, iOS and iPadOS users to confirm that the March updates are installed and to avoid installing unsigned or unfamiliar Spotlight plugins.
  • Organizations are deploying Microsoft Security Copilot playbooks and other detection tools to monitor for anomalous Spotlight plugin activity and uncover potential breaches.
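The two pieces of advice above (confirm the March update is installed, and watch for unsigned or unfamiliar Spotlight plugins) can be turned into a quick host audit. The script below is an added example written for this page; it is not code from the article, from Microsoft, or from Apple. It assumes the macOS command-line tools sw_vers and codesign, and the three standard directories from which Spotlight loads .mdimporter bundles (/System/Library/Spotlight, /Library/Spotlight and ~/Library/Spotlight); the minimum version 15.4 is the macOS Sequoia release the article names as carrying the fix. The version-compare and inventory helpers are plain POSIX sh so they also run on a non-Mac host for testing, where the version check is simply skipped.

```shell
#!/bin/sh
# Added example (not from the article, Microsoft or Apple): audit a Mac for the
# macOS fix version named in the article and inventory installed Spotlight
# importers, flagging any that fail code-signature verification.

# macOS Sequoia version the article reports as carrying the CVE-2025-31199 fix.
MIN_MACOS="15.4"

# version_ge A B: return 0 if dotted version A is >= B, comparing each
# numeric component in turn; missing components count as 0 (15.4 == 15.4.0).
version_ge() {
    a="$1"; b="$2"; i=1
    while :; do
        # Append a trailing dot so cut always sees a delimiter, even for "15".
        ac=$(printf '%s.' "$a" | cut -d. -f"$i")
        bc=$(printf '%s.' "$b" | cut -d. -f"$i")
        if [ -z "$ac" ] && [ -z "$bc" ]; then return 0; fi   # ran out: equal
        ac=${ac:-0}; bc=${bc:-0}
        if [ "$ac" -gt "$bc" ]; then return 0; fi
        if [ "$ac" -lt "$bc" ]; then return 1; fi
        i=$((i + 1))
    done
}

# list_importers DIR...: print every .mdimporter bundle (a directory) found
# up to three levels below each existing DIR. Unfamiliar entries under the
# user or local Library are the ones the article says to be wary of.
list_importers() {
    for d in "$@"; do
        [ -d "$d" ] || continue
        find "$d" -maxdepth 3 -type d -name '*.mdimporter' 2>/dev/null
    done
}

# check_signature BUNDLE: report whether the bundle passes codesign
# verification. Only meaningful on macOS; elsewhere codesign is absent.
check_signature() {
    bundle="$1"
    if command -v codesign >/dev/null 2>&1; then
        if codesign --verify --deep --strict "$bundle" >/dev/null 2>&1; then
            printf 'signed   %s\n' "$bundle"
        else
            printf 'UNSIGNED %s\n' "$bundle"
        fi
    else
        printf 'unknown  %s (codesign not available on this host)\n' "$bundle"
    fi
}

# audit: version check followed by the importer inventory.
audit() {
    if command -v sw_vers >/dev/null 2>&1; then
        ver=$(sw_vers -productVersion)
        if version_ge "$ver" "$MIN_MACOS"; then
            echo "macOS $ver: at or above $MIN_MACOS, March fix present"
        else
            echo "macOS $ver: BELOW $MIN_MACOS, install the March security update"
        fi
    else
        echo "sw_vers not found: not macOS, skipping version check"
    fi
    # Standard Spotlight importer locations. Applications may also embed
    # importers under <App>.app/Contents/Library/Spotlight; add those paths
    # here if you want them covered.
    list_importers /System/Library/Spotlight /Library/Spotlight "$HOME/Library/Spotlight" |
    while IFS= read -r b; do check_signature "$b"; done
}

audit
```

Run it as a normal user with `sh audit_spotlight.sh`; any line beginning with UNSIGNED, or a signed importer in ~/Library/Spotlight that nobody remembers installing, is worth a closer look before the next Spotlight indexing pass.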