
Don’t use iPhone Mirroring at work, or risk exposing secrets

If you're using iPhone Mirroring at work: it's time to stop, lest you give your employer's IT department the capability to snoop through your dating apps, photos, messages — and anything else you might want to keep to yourself.

iPhone Mirroring is a feature that lets users wirelessly operate an iPhone from a Mac: viewing content on the device, using its apps, and receiving its notifications. It requires macOS 15 Sequoia, iOS 18, and Apple Silicon to work.

It's great for home use, but presents a serious privacy risk for employers and employees using a work-issued Mac computer.

"For iPhone users, this Apple bug is a major privacy risk because it can expose aspects of their personal lives that they don't want to share or that could put them at risk," according to Sevco Security, which spotted the data-leaking flaw and reported it to Apple.

This includes potentially exposing a VPN app in a country that restricts internet access, a dating app that reveals the user's sexual orientation in a region where that's not safe or has legal consequences, a health app that inadvertently shares a medical condition or pregnancy that the employee doesn't want their work to know about, or even just run-of-the-mill NSFW video and photos.

Plus, for organizations, "this bug represents a new data liability from potentially collecting private employee data" that could lead to privacy law violations, lawsuits, and government agency enforcement actions, the researchers note.

According to Sevco, running mdfind, the command-line interface to macOS Spotlight, in a terminal on a Mac that has Mirroring set up exposes full disk access plus personal iOS apps and metadata.

Here's the command line interface the researchers used to reproduce this flaw:

Apple, we're told, has identified the cause and is working on a fix. The Register reached out to the iThings giant for comment and a timeline but did not receive an immediate response.

Sevco says it has alerted "several enterprise software vendors" that share customers with the security shop and Apple, and has also notified its own customers that have collected or could potentially collect private employee data - and then suffer the consequences.

But to be blunt, companies should also alert employees about the issue, advise them not to use this feature at work, and also work with any third-party enterprise IT vendors that collect software inventory from Macs until Apple issues a patch. ®

Source: theregister.com
