Questions? Call 877-752-7170 or contact@fyrmassociates.com

Cve 2014 8832

macOS Spotlight Data Leak (Vulnerability Fixed)

For a period of time, it was possible to read snippets of memory on a screen-locked mac OS system from the USB port. A while back we noticed some interesting files created by macOS when inserting a USB drive. These files were related to Spotlight, macOS’s built-in search functionality which indexes and enables searching of files on the system, among other things. The presence of the files is fairly standard, as an invisible /Volumes/<Volume Name>/.

Continue reading