Experts Found Security Flaw in OS X Spotlight Search
A new OS X bug has been recently discovered by German security researchers. This software flaw allows spammers and hackers get access to IP addresses and other sensitive information through the Spotlight search feature of OS X.
By default, OS X does not automatically load images and other files received in emails as they may contain viruses and tiny utilities used by cybercriminals to collect confidential data. That is good. However, Spotlight search opens any content found inside of emails and in such a way may make your private information available for hackers.
A glitch arises when OS X Mail users utilize Spotlight search in OS X, which includes emails in the search results. Spotlight ignores the remote content block preference from Mail and loads the remote email files as part of the search process.
To be on the safe side, I suggest that you should disable the Spotlight feature, which includes emails in search results and wait for the security update. Don’t expect that it will come soon as the guys from Cupertino haven’t yet commented on the issue.
[via