“Using the Spotlight search feature in OS X Yosemite can leak IP addresses and private details to spammers and other e-mail-based scammers, according to tests independently performed by two news outlets,” Dan Goodin reports for Ars Technica.
“The potential privacy glitch affects people who have configured the Mac Mail App to turn off the “load remote content in messages” setting, as security experts have long advised,” Goodin reports. “But even when remote image viewing is disabled in Yosemite-based Mail app settings, the images will be opened by Spotlight, according to two recent media reports. ”
Goodin reports, “When spotlight returns a preview of e-mails containing the term, it loads the images, overriding the option. Images are loaded even when the previewed message has landed in a users’ junk mail folder.”
Read more in the full article here.
MacDailyNews Take: Yeesh. There’s one to fix, Apple.