‘Sploitlight’ Vulnerability: How Hackers Bypassed Apple’s TCC Protections

Unpatched Apple devices remain exposed to Sploitlight, a macOS flaw that allows unauthorized access to private user data despite security measures.

Apple patched a critical macOS vulnerability earlier this year that allowed attackers to bypass system protections and access sensitive user data across multiple devices, security researchers at Microsoft recently revealed.

Dubbed “Sploitlight” for its exploitation of Spotlight plugins, the flaw was uncovered by Microsoft’s Security Vulnerability Research team during a routine scan for privileged processes.

Microsoft’s recent blog post reads, in part: “After discovering the bypass technique during proactive hunting for processes with privileged entitlements, we shared our findings with Apple through Coordinated Vulnerability Disclosure (CVD) via Microsoft Security Vulnerability Research (MSVR).”

Although Apple released a fix for the flaw in a March 31 security update, any systems that have not yet installed the patch remain at risk.

What is Sploitlight?

Sploitlight is ...