With any luck, Apple has nixed the Group FaceTime exploit that led to a wave of criticism in recent weeks.
The company has released both iOS 12.1.4 as well as a supplemental update to macOS Mojave with both updates re-enabling Group FaceTime by fixing a security hole that potentially allowed others to listen in to private conversations without the user’s permission.
iOS 12.1.4 specifically targets Group FaceTime, which was disabled upon discovery of the exploit. Apple, which last Friday noted that a fix had been deployed to its servers, began creating an update for its user base as well.
While the update follows on from iOS 12.1.3, the previous public version of the mobile operating system, it doesn’t seem that there are any other changes made to the software, aside from the FaceTime fix.
The Group FaceTime exploit was relatively simple to perform, with the caller starting a FaceTime video call with a contact, then while the call is ringing, they added themselves to the call as a third party using their phone number. If properly executed, the Group FaceTime call commenced, with the original recipient’s audio streaming before the call is accepted.
It’s also thought that Apple may reward the 14-year-old user who discovered the wide-reaching bug, Grant Thompson, an award via the company’s bug bounty program.
If you’ve tried the updates and have any feedback to offer, please let us know what you make of them in the comments.
Via AppleInsider