Skip to main content
  1. Home
  2. Computing
  3. Apple
  4. News

Apple Mail on MacOS flaw leaves supposedly encrypted messages unprotected

Aaron Mamiit
By

A vulnerability that was discovered on the macOS version of Apple Mail is compromising the security of supposedly encrypted messages, but Apple said a fix is on the way.

The flaw, which was shared by Apple-focused IT specialist Bob Gendler, was found on the four most recent MacOS releases, namely Catalina, Mojave, High Sierra, and Sierra. He found macOS database files that include information from Apple Mail, which is then utilized by digital assistant Siri to make suggestions. Unfortunately, one of the files, named snippets.db, is storing the unencrypted text of the emails.

Only a small number of people are affected by the issue. The user needs to be sending encrypted emails from Apple Mail on macOS Sierra to macOS Catalina, with FileVault not activated to encrypt the entire system. The person who wants to read the unencrypted emails will also need to know exactly where the information is stored in the computer’s system files and will need to have access to it.

However, for the affected users, the risk is massive. Encrypted emails are protected for a reason, such as to keep confidential information safe, so any chance that they may be compromised is a big deal.

“It brings up the question of what else is tracked and potentially improperly stored without you realizing it,” Gendler said.

Apple is aware of the issue and said that a fix is on the way through a future software update. Gendler, however, noted that he reported the issue on July 29, but Apple did not respond until November 5.

While waiting for the flaw to be patched, a suggested workaround is to disable the Learn from this App option under the Mail option of the Siri Suggestions & Privacy menu, which is found in Siri’s section in System Preferences. This is just a temporary solution though, as it only stops new emails from being included in the compromised snippets.db file.

The encryption vulnerability follows another issue with macOS Catalina’s Apple Mail app, specifically missing or incomplete messages after upgrading to the latest macOS release, as well as messages going blank after moving them between mailboxes. Similar problems also appeared after upgrading iPhones to iOS 13.

Editors' Recommendations

Video-editing app LumaFusion to get a Galaxy Tab S8 launch
A tablet featuring the LumaFusion video editing app.
Nullmixer is a nasty, new Windows malware dropper
Windows shows a malware warning on a Dell laptop.
If the Mac gets a Dynamic Island, I’m not sure I want it
A mockup of a MacBook Pro with an iPhone-style Dynamic Island replacing the menu bar at the top of the screen.
Twitter is building a menu option for Twitter Shops
A person's hands holding a smartphone as they browse Twitter on it.
This new Windows 11 feature will help you protect your passwords
A man sits, using a laptop running the Windows 11 operating system.
Edit Tweet feature is finally rolling out to Twitter Blue subscribers
A person's hands holding a smartphone as they browse Twitter on it.
Adobe Free Trial: Try Creative Cloud for free
Close up of Adobe Photoshop app icon being chosen from among other Adobe apps on a laptop screen.
IPVanish Free Trial: Try it for a month, no strings attached
The IPVanish VPN logo on a black background.
The HP Pavilion laptop is only $500 with this limited-time deal
Front angle of the HP Pavilion 15-inch laptop against a white background.
This 11-inch Chromebook from HP is only $98 at Walmart today
Woman sits at desk using a HP 11.6-inch Chromebook.
This HP Omen gaming PC with RTX 3070 is $500 cheaper today
The HP OMEN 40L desktop gaming PC against a white background.
This dangerous vulnerability tricks researchers by mimicking old threats
norton 360 deluxe with lifelock deal best buy december 2021 shutterstock antivirus
GPU prices and availability (October 2022): How much are GPUs today?
An AMD Radeon RX 6500XT placed on a motherboard.