iOS 12.1.4 Rolls Out Fixing Group FaceTime Eavesdropping Bug

Apple has finally fixed the bug that lets users eavesdrop on unanswered Group FaceTime calls. The software updates, iOS 12.1.4 and macOS Mojave 10.14.3, rolled out to iPhones, iPads and Mac computers today, fixing the much-discussed bug nine days after it was discovered.

The bug allowed users to listen to another person's voice or even see their live video just by calling them, without them answering the call. It was a big security issue. Apple just disabled the group FaceTime calling feature and assured that it will fix the bug soon.

Apple's official statement about the bug and fix guarantees:

Today’s software update fixes the security bug in Group FaceTime. We again apologize to our customers and we thank them for their patience. In addition to addressing the bug that was reported, our team conducted a thorough security audit of the FaceTime service and made additional updates to both the FaceTime app and server to improve security. This includes a previously unidentified vulnerability in the Live Photos feature of FaceTime. To protect customers who have not yet upgraded to the latest software, we have updated our servers to block the Live Photos feature of FaceTime for older versions of iOS and macOS.

Apple said it will compensate 14-year-old Grant Thompson and his family for flagging the bug more than a week before it attracted national attention. The company, which didn't reveal the reward, said it will also contribute money toward his education.

(via)