Apple releases iOS 12.1.4 with fix for FaceTime eavesdropping bug

Ajustar Comentario Impresión

After discovering that the FaceTime app had such a huge bug, people began tagging and tweeting to Apple to come up with a fix. The company had also disabled Group FaceTime to prevent anyone from misusing the flaw. "The issue was addressed with improved validation on the FaceTime server".

The renewed software, labeled as iOS 12.1.4, can be installed on Apple mobile devices in the Software Update tab under Settings.

To run the update on Mac, click on Apple Logo and go to System Preferences Software Update Update Now.

Apple likewise reveals to The Verge that it's compensating the Thompson family for discovering the flaw, and giving an additional gift to finance Grant Thompson's educational cost.

The tech giant was forced to temporarily disable the group chat function while it scrambled to find a fix to an eavesdropping bug originally discovered by 14-year-old Grant Thompson of Tucson, Arizona. "The team has updated the company servers to block the feature for macOS and iOS' older versions", the spokesperson continued. Apple's Continuity feature allows users to take FaceTime and regular audio calls on their iPhone on the Mac as well.

And that patch is ready with Apple confirming that an update is available for iOS 12 right now.

Launch System Preferences and open Software Update. According to the release notes, this bug was caused by a logic issue in how Group FaceTime calls were handled.

In December, Apple fixed another FaceTime bug - this one was just an annoyance, and not a major privacy risk - with iOS 12.1.1. 'You can FaceTime any iOS device running 12.1 and listen in remotely-WITHOUT THE OTHER PERSON ANSWERING THE CALL'. Thompson will receive some contribution from the company for his education.

In addition to the macOS and iOS updates, Apple also released Shortcuts 2.1.3 to fix vulnerabilities found in Shortcuts for iOS.

Neither Hawks, Google nor Apple has provided any public detail on where the exploitation of the zero-day flaws is occurring.

Comentarios