Sometimes a bug gets patched without much fanfare, and that appears to be the case with the recent public release of macOS Catalina 10.15.3.
According to Bob Gendler (via The Verge), who discovered the initial bug in macOS Catalina in the first place, Apple has patched the issue with the latest public update for the desktop operating system. The bug made it possible to read snippets of emails as if they were unencrypted, despite the fact they were encrypted.
Gendler originally discovered the bug in July of last year, and let Apple know about it soon after that. We reported about the bug in November, which, at the time, Apple said that it would patch the bug at some point in the future. Now it turns out that Apple did indeed patch the issue with the release of macOS Catalina 10.15.3.
I participate in the Appleseed Beta program and regularly test early releases of updates. I was very pleased to see in the release notes as betas were released for 10.15.3 that encrypted emails will no longer appear in Spotlight searches. I was also contacted by AppleCare Enterprise Support around the same time about the upcoming fix. In less than 90 days from my previous blog post, the public release of 10.15.3 solves the email encryption bug.
As we noted in the original report, this particular issue more than likely only impacted a small number of Mail users. The unencrypted snippets were stored in a hard-to-find database file in macOS, which is used for Siri Suggestions.
It’s worth noting that in beta seeds of macOS Catalina 10.15.3, Apple said that encrypted emails won’t show up in Spotlight searches, as pointed out by Gendler. However, the public release notes of macOS Catalina 10.15.3 didn’t make any mention of patching the bug.
Apple may have patched the bug directly, without reporting it, or may have just changed the methodology of indexing encrypted emails to prevent the bug from cropping up again. Either way, based on what Gendler has discovered, it appears Apple has fixed the problem.