Skip to main content
The homepageThe VergeThe Verge logo.
The homepageThe VergeThe Verge logo.
Posted
E
External Link
Emma Roth
Microsoft uncovered a security flaw affecting macOS’s Spotlight.

The vulnerability (CVE-2025-31199), which Apple patched in a March 31st update, could give bad actors access to files inside a device’s Downloads folder and data cached by Apple Intelligence. That includes geolocation data, media metadata, and facial recognition info, according to a report from Microsoft Threat Intelligence.

Security researchers discovered the flaw after using Spotlight plugins to bypass a security feature made to prevent third-party services from gaining access to user data.

Follow topics and authors from this story to see more like this in your personalized homepage feed and to receive email updates.

Most Popular

Most Popular
  1. Epic just won its Google lawsuit again, and Android may never be the same
  2. Nintendo Switch prices are going up after this weekend
  3. Google’s Pixel Tablet is $190 off for a limited time
  4. Google has just two weeks to begin cracking open Android, it admits in emergency filing
  5. Samsung TVs are coming back online after apps stopped working

More in News

Tesla to pay more than $200 million in damages after being found partly liable for fatal Autopilot crashTesla to pay more than $200 million in damages after being found partly liable for fatal Autopilot crash
Fujifilm is raising camera prices by up to $800Fujifilm is raising camera prices by up to $800
Google backtracks on plans to deactivate shortened goo.gl linksGoogle backtracks on plans to deactivate shortened goo.gl links
Google has just two weeks to begin cracking open Android, it admits in emergency filingGoogle has just two weeks to begin cracking open Android, it admits in emergency filing
Verizon is upping its fees againVerizon is upping its fees again
Reddit pauses its paywall plansReddit pauses its paywall plans

Top Stories