Heads up Mac OS X users, a security flaw has been spotted in Apple’s Preview application, the default app used to open image and PDF files. It was discovered by Christian Kienle, a developer for several Mac apps, and while it may not seem like a huge flaw, for those who deal with sensitive PDF files on a daily occasional basis this could be an issue.
In the Preview app, you can select a portion of the PDF file, copy it and then paste it into a new file. For example if you wanted to forward someone a PDF file but minus the sensitive information, you would select the non-sensitive portions, copy it into a new file before sending.
On the surface it appears that you have done just that, but if you were to rotate the PDF file in either direction, the sensitive information that you painstakingly attempted to keep out of the document makes an appearance, as pictured above. Having tried this out for myself, it appears that this is indeed the case. At the moment it is unknown if this issue is limited to a flaw in Preview or if it’s an issue with PDF files, but until Apple releases a fix to address the issue, perhaps copying and pasting sensitive information may be best done with a different application.
Check out the video below for a (rather lengthy) demonstration of the flaw in action.
Privacy issues with PDFs created using Preview.app from Ebbinghaus on Vimeo.
Filed in Mac (Apple), OS X, Pdf, Preview and Security.
. Read more about