Apple fixes a flaw in macOS that reveals unencrypted screenshots of encrypted messages

Last week, Apple released version 10.15.3 of the operating system (macOS Catalina), which came to fix a vulnerability that allowed hackers to read some parts of encrypted emails as if they were not encrypted, according to security researcher (Bob Gendler).

 

Gendler had discovered the vulnerability last July and informed Apple about it in private, months before it was announced last November, after it had refrained from fixing the vulnerability.

 

And The Verge quoted Apple when Gendler published the article announcing the vulnerability that it was working to fix the vulnerability in a future update, and now it is releasing the fix after about 3 months. The vulnerability likely affected a small number of users, as screenshots of unencrypted emails were found in a database file that is difficult to find using Siri suggestions, and those screenshots can only be seen under very specific circumstances.

It is noteworthy that Apple did not mention the fix for the vulnerability in the release statement of the macOS 10.15. To prevent vulnerabilities such as those discovered by Gendler.

Source: The Arab Gateway for Technical News

​​