APPLE has launched a new iOS update to fix a FaceTime flaw that allowed people to eavesdrop on other people’s iPhones before they even picked up the call.
The company has released the iOS 12.1.14 software update that affects iPhones and iPads after a bug was publicised over a week ago.
The new update is only minor but still noticeable as it reboots the FaceTime feature that was disabled at the end of January.
The iOS flaw has been classified as a huge privacy error that allowed anyone to listen and even see what the receiver was doing on the other end, even if the FaceTime call was not answered.
To update your iPhone, navigate to Settings > General > Software Update.
The tech company has released their latest update after a teenager and mother from Arizona, USA, reported the bug in January by attempting to contact the company multiple times and claim to not have received a reply.
My teen found a major security flaw in Apple’s new iOS. He can listen in to your iPhone/iPad without your approval. I have video. Submitted bug report to @AppleSupport…waiting to hear back to provide details. Scary stuff! #apple #bugreport @foxnews
— MGT7 (@MGT7500) January 21, 2019
I have letters, emails, tweets and msgs. sent to Apple for 10+ days reporting the Group FaceTime bug that lets someone listen in. My teenager discovered it! Never heard back from them. #apple #facetimebug @FoxNews @cnbc @CNN
— MGT7 (@MGT7500) January 29, 2019
Apple initially addressed the issue on January 28, nearly ten days after the bug was claimed to first be reported, by disabling the feature.
On February 1, the company released an apology statement:
“We have fixed the Group FaceTime security bug on Apple’s servers and we will issue a software update to re-enable the feature for users next week. We thank the Thompson family for reporting the bug. We sincerely apologize to our customers who were affected and all who were concerned about this security issue. We appreciate everyone’s patience as we complete this process.
“We want to assure our customers that as soon as our engineering team became aware of the details necessary to reproduce the bug, they quickly disabled Group FaceTime and began work on the fix. We are committed to improving the process by which we receive and escalate these reports, in order to get them to the right people as fast as possible. We take the security of our products extremely seriously and we are committed to continuing to earn the trust Apple customers place in us.”
On February 7, Apple announced the fix:
“Today’s software update fixes the security bug in Group FaceTime. We again apologise to our customers and we thank them for their patience.
“In addition to addressing the bug that was reported, our team conducted a thorough security audit of the FaceTime service and made additional updates to both the FaceTime app and server to improve security. This includes a previously unidentified vulnerability in the Live Photos feature of FaceTime.
“To protect customers who have not yet upgraded to the latest software, we have updated our servers to block the Live Photos feature of FaceTime for older versions of iOS and macOS.”
The privacy breach has since led to investigations, lawsuits, and a congressional inquiry.
The mother of the teenager told USA press ‘there needs to be a better process for the average citizen to report things like this, and a timelier response’.
Here is the detailed video that Michele and her son Grant sent to Apple's Product Security team, explaining the FaceTime bug, which they uploaded on Jan. 25.
We've blurred out the phone numbers shown to protect their privacy: pic.twitter.com/ZYrnogek61
— alfred 🆖 (@alfredwkng) January 29, 2019