Skip to main content
  1. Home
  2. Computing
  3. News

Apple Mail on MacOS flaw leaves supposedly encrypted messages unprotected

Aaron Mamiit
By

A vulnerability that was discovered on the macOS version of Apple Mail is compromising the security of supposedly encrypted messages, but Apple said a fix is on the way.

The flaw, which was shared by Apple-focused IT specialist Bob Gendler, was found on the four most recent MacOS releases, namely Catalina, Mojave, High Sierra, and Sierra. He found macOS database files that include information from Apple Mail, which is then utilized by digital assistant Siri to make suggestions. Unfortunately, one of the files, named snippets.db, is storing the unencrypted text of the emails.

Recommended Videos

Only a small number of people are affected by the issue. The user needs to be sending encrypted emails from Apple Mail on macOS Sierra to macOS Catalina, with FileVault not activated to encrypt the entire system. The person who wants to read the unencrypted emails will also need to know exactly where the information is stored in the computer’s system files and will need to have access to it.

Related

However, for the affected users, the risk is massive. Encrypted emails are protected for a reason, such as to keep confidential information safe, so any chance that they may be compromised is a big deal.

“It brings up the question of what else is tracked and potentially improperly stored without you realizing it,” Gendler said.

Apple is aware of the issue and said that a fix is on the way through a future software update. Gendler, however, noted that he reported the issue on July 29, but Apple did not respond until November 5.

While waiting for the flaw to be patched, a suggested workaround is to disable the Learn from this App option under the Mail option of the Siri Suggestions & Privacy menu, which is found in Siri’s section in System Preferences. This is just a temporary solution though, as it only stops new emails from being included in the compromised snippets.db file.

The encryption vulnerability follows another issue with macOS Catalina’s Apple Mail app, specifically missing or incomplete messages after upgrading to the latest macOS release, as well as messages going blank after moving them between mailboxes. Similar problems also appeared after upgrading iPhones to iOS 13.

Editors' Recommendations

Topics
Aaron Mamiit
Aaron Mamiit
Contributor
Aaron received a NES and a copy of Super Mario Bros. for Christmas when he was 4 years old, and he has been fascinated with…
Apple fixed one of my biggest macOS gripes with Sonoma — but I still want more
Federighi talking about Continuity Camera.

Apple’s macOS Sonoma update has just been launched and, let’s be honest here, it’s a pretty modest upgrade (probably thanks to the work required on the Vision Pro’s software). Still, when Apple unveiled Sonoma a few months ago, there was one feature that got me excited: Continuity Camera.

This nifty tool lets you use your iPhone as a high-quality webcam. Sure, it actually debuted with macOS Ventura, but this year we’ve got much more control over how it works. Sliders! Toggles! Yes, it’s all here.

Read more
This dangerous new Mac malware steals your credit card info
A hacker typing on an Apple MacBook laptop while holding a phone. Both devices show code on their screens.

People like to think that Apple’s Macs are more or less invulnerable to the assorted viruses and trojans that afflict Windows PCs, but that’s far from the truth. That’s just been aptly demonstrated by the emergence of a new malware strain that attempts to steal all of your passwords, credit card data, and more.

The discovery was made by security firm SentinelOne, which named the malware MetaStealer. According to SentinelOne, MetaStealer has the potential to trick you into giving away vital information that could cause a huge amount of damage, and it has a nefarious way of getting what it wants.

Read more
How to take a screenshot on your Mac: the best methods in 2023
The keyboard and trackpad of the MacBook Pro 14-inch.

If you're new to the Mac, the first question people have is how to take a screenshot. There's no Print Screen key, so you'll be forgiven if it's not immediately obvious. Or hey, maybe you just forgot the keyboard shortcut or want to go deep into the very best screenshot apps available. We got ya.

There are plenty of options and customizations, so there's plenty to dig into. Here’s everything you could ever want to know about taking a screenshot on your Mac.
How to take a screenshot using keyboard shortcuts
MacOS keyboard shortcuts are the quickest ways to take screenshots, whether you're capturing the entire screen or just a portion. By default, Apple's methods save your screenshot to the desktop, but if you want to copy the screenshot to the clipboard, there's a keyboard shortcut you can use instead.
How to capture a selected area

Read more