David J Peacock

**Name of the Vulnerable Software and Affected Versions** Apple OS X versions prior to 10.10.2 **Description** The indexing functionality in Spotlight writes memory contents to an external hard drive, allowing local users to obtain sensitive information by reading from this drive. **Recommendations** For Apple OS X versions prior to 10.10.2, update to version 10.10.2 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Apple OS X versions prior to 10.10.2 **Description** The issue is related to the SpotlightIndex in Apple OS X, where it does not properly perform deserialization during access to a permission cache. This allows local users to read search results associated with other users' protected files via a Spotlight query. **Recommendations** For Apple OS X versions prior to 10.10.2, update to version 10.10.2 or later to resolve the issue.