Apple 10144 Published by

A new flaw in Apple's OS X Yosemite Spotlight search has been discovered. It neglects a setting in the Mail app that could leak users' personal information, which can then be used by cyber criminals



From Neowin:
The issue starts with a single HTML email sent to a user. Many spammers and marketers include tracking pixels into the email messages they send, and these can be used to track the open-rate of these sent messages. Nonetheless, this alone isn't the only thing that can be tracked by these tracking pixels. The sender, through server logs, can find out the specific email address used to open the email, and most alarmingly, discover the IP address of the receiver.

In line with this, many privacy concerned users of Apple Mail have set the application to not "load remote content in messages." This therefore blocks the sender of the message of any personal information.
  Mac OS X Yosemite's Spotlight search glitch could leak your personal data