Apple Patches macOS Catalina Bug Which Exposed Some Encrypted Email Text
Apple’s latest macOS Catalina 10.5.3 update was released last week. The patch has reportedly fixed a number of small issues users were experiencing, one being a bug that allowed you to read partial texts of encrypted emails.
According to a report from The Verge, Apple fan and IT specialist Bob Gendler discovered the bug in July of 2019 and privately reported it directly to Apple. Months later, Gendler published a blog post on Medium disclosing the matter in November.
When Gendler published his post, The Verge caught wind of it and spoke to Apple, who told the publication it was working on patching the bug. Now, it appears as though they have. Gendler recently wrote a follow-up post, confirming the bug has been patched in the Catalina 10.5.3 update.
The bug gained only a small amount of attention as very specific actions were needed to be made in order to see the partial unencrypted text of encrypted emails. In Gendler’s November post, he said: “You need to be using macOS, Apple Mail, be sending encrypted emails from Apple Mail, not be using FileVault to encrypt your entire system already, and know exactly where in Apple’s system files to be looking for this information.”
While this specific patch is not mentioned in the macOS Cataline 10.5.3 patch notes, an AppleCare Enterprise Support reached out to Gendler to confirm the fix was made. Gendler has run additional tests to ensure the text of encrypted emails would no longer appear unencrypted.