According to Apple’s security advisory, the update addresses vulnerabilities affecting components including Apple Intelligence Reports, Core Bluetooth, Finder, and the privacy control system TCC (Transparency, Consent, and Control). The update, macOS Sequoia 15.5, fixes eight major security flaws that specifically target user privacy and data security across various system components. These security flaws collectively created a concerning attack surface where malicious applications could potentially harvest sensitive user data despite Apple’s normally robust privacy protections. The update also addresses other critical security issues, including sandbox escapes and elevated privilege vulnerabilities that could compound the risk of data exposure. The Notification Center (CVE-2025-24142) and StoreKit (CVE-2025-31242) components contained privacy issues where log entries might reveal sensitive information, potentially exposing user data. The fact that eight different components had similar sensitive data access issues shows the challenge of maintaining privacy boundaries in feature-rich operating systems. This security release comes as Apple emphasizes privacy as a core feature of its ecosystem while balancing advanced functionality like Apple Intelligence across its platforms. Security experts emphasize that these vulnerabilities highlight the increasing sophistication of potential privacy exploits in modern operating systems.
This Cyber News was published on cybersecuritynews.com. Publication date: Tue, 13 May 2025 05:55:05 +0000