Encrypted emails sent on macOS are not fully protected

Most technology users assume that operating systems developed by Apple are more secure than their counterparts sold by other companies; however, ethical hacking specialists point out that these systems have never been exempt from some security flaws. Not all of these flaws are serious, and they are rarely exploited in the wild, but their potential appearance remains one of the main concerns for Apple.

A few days ago, Apple released macOS Catalina v10.15.3 in response to a report (received a few months ago) that discloses a serious vulnerability in the operating system. This flaw would have allowed users to access some encrypted email snippets in a fully readable way.

Apparently, the flaw only affected some Apple users, as these emails snippets were stored in a really hard-to-find macOS database, which was created to record some suggestions for voice assistant Siri. “Any user wishing to access this compromised information must use macOS and Apple Mail, as well as know exactly where in the Apple system files to search to find this information, so finding these email fragments is a complex task,” Apple’s security report says.

Although ethical hacking experts found no reports on the correction of this flaw in the announcement of the release of macOS 10.15.3, during the reports of the beta versions of Catalina 10.15.3 it is mentioned that “the emails will no longer appear in Spotlight searches”, which could indicate that Apple made some changes to the way it indexes encrypted emails in Apple Mail to avoid these kinds of inconveniences.

Bob Gendler, ethical hacking researcher and specialist who discovered the vulnerability, claims that during his tests (conducted independently) he noticed that the database file that received these encrypted messages also stopped showing the anomalous activity. Soon after, Gendler revealed that AppleCare Enterprise Support contacted him to inform him directly that the issue had already been fixed.