Skip to main content

Apple Mail on MacOS flaw leaves supposedly encrypted messages unprotected

 

A vulnerability that was discovered on the macOS version of Apple Mail is compromising the security of supposedly encrypted messages, but Apple said a fix is on the way.

Recommended Videos

The flaw, which was shared by Apple-focused IT specialist Bob Gendler, was found on the four most recent MacOS releases, namely Catalina, Mojave, High Sierra, and Sierra. He found macOS database files that include information from Apple Mail, which is then utilized by digital assistant Siri to make suggestions. Unfortunately, one of the files, named snippets.db, is storing the unencrypted text of the emails.

Only a small number of people are affected by the issue. The user needs to be sending encrypted emails from Apple Mail on macOS Sierra to macOS Catalina, with FileVault not activated to encrypt the entire system. The person who wants to read the unencrypted emails will also need to know exactly where the information is stored in the computer’s system files and will need to have access to it.

However, for the affected users, the risk is massive. Encrypted emails are protected for a reason, such as to keep confidential information safe, so any chance that they may be compromised is a big deal.

“It brings up the question of what else is tracked and potentially improperly stored without you realizing it,” Gendler said.

Apple is aware of the issue and said that a fix is on the way through a future software update. Gendler, however, noted that he reported the issue on July 29, but Apple did not respond until November 5.

While waiting for the flaw to be patched, a suggested workaround is to disable the Learn from this App option under the Mail option of the Siri Suggestions & Privacy menu, which is found in Siri’s section in System Preferences. This is just a temporary solution though, as it only stops new emails from being included in the compromised snippets.db file.

The encryption vulnerability follows another issue with macOS Catalina’s Apple Mail app, specifically missing or incomplete messages after upgrading to the latest macOS release, as well as messages going blank after moving them between mailboxes. Similar problems also appeared after upgrading iPhones to iOS 13.

Aaron Mamiit
Aaron received an NES and a copy of Super Mario Bros. for Christmas when he was four years old, and he has been fascinated…
Every macOS version in order: from the first public beta to macOS 15
Apple MacBook Air 15 M4 front angled view showing display and keyboard.

Apple’s macOS operating system has changed a lot over the last 25 years, with new features and designs coming and going as the decades have passed. Even the name has been adjusted, starting out as Mac OS X before shortening to OS X and eventually settling on macOS. The world the original version inhabited back in 2000 is very different to today.

Including the initial public beta, Apple has released 22 versions of the Mac operating system so far, with new launches becoming an annual occurrence. But it wasn’t always this way, and there have been some fascinating updates and developments in the time since the first version appeared. Let’s see how macOS has changed over the years.

Read more
The new macOS update includes a battery boost for Safari
Laptop showing the macos 15.5 update.

The macOS 15.5 update is here, and it's overall pretty light on features. However, the Safari 18.5 update bundled with it does include a new developer feature that will save battery life for users. "Declarative Web Push" is a more efficient approach to web notifications that will drain less battery every time you get a notification on Safari.

The feature already came to iOS and iPadOS in the last update, allowing developers to swap their notification implementations to the simpler JSON format. Just for fun, here's what it looks like:

Read more
WWDC 2025 could be the least exciting Apple event in years — and I think that’s a good thing
Craig Federighi introducing macOS Sonoma at Apple's Worldwide Developers Conference (WWDC) in June 2023.

Apple’s Worldwide Developers Conference (WWDC) is just under one month away. Normally, this event is a time for Apple to showcase all the software updates it’s been working on over the last year, which usually means tons of exciting new features across macOS, iOS, iPadOS, and more.

This year, though, there are likely to be far fewer significant updates. Sure, we’ll see a few changes here and there with systems like macOS 16 and iOS 19 expected to get a smattering of new features.

Read more