According to Apple, there is a bug in email encryption under macOS 10.15 Catalina. The company plans to fix this in a later update.
According to a new report from The Verge, a vulnerability in Apple's Mail application was discovered by IT specialist Bob Gendler. Gendler made the discovery while investigating Siri under macOS. According to the report, a special file would save the contents of emails that should actually be encrypted. Even after removing a private key, the content was still readable. The problem is said to exist not only in macOS Catalina but also in Mojave, High Sierra and Sierra. In The Verge report is it [called:
"Apple tells The Verge it is aware of the issue and said it will be addressed in a future software update. The company also said it only stores parts of emails. But the fact that Apple is still somehow leaving parts of encrypted emails open when they are explicitly meant to be encrypted is obviously not good."
The investigation also found that not all users of the above-mentioned operating systems are affected by this problem. However, there is a temporary solution according to Apple. The company explained to The Verge how new emails can be protected from the bug. Users can open the "Siri" section via the system settings and then navigate to the "Siri & Privacy" section. Now the "Mail" tab must be selected in the submenu and the "Learn from this app" option must be deactivated. As already mentioned above, it is unclear how many people are actually affected. Gendler writes:
"It raises the question of what else is being tracked and potentially stored improperly without you knowing."
It remains unclear which update will ultimately fix the bug. However, it can be assumed that Apple will act as quickly as possible. (Photo by Somchai Choosiri / Bigstockphoto)
