Apple Pushes iOS 12.1.4 Update With Group FaceTime Fix For iPhones, iPads

group facetime
Although it's arriving later than originally promised, Apple has just issued iOS 12.1.4, which fixes the widely publicized Group FaceTime bug that was revealed early last week. In short, the bug allowed anyone to eavesdrop on your iPhone's microphone by initiating a FaceTime call, and video could even be obtained (without the receiver’s permission) via the exploit.

Apple initially disabled Group FaceTime on its servers to immediately shutdown the exploit, and last Friday it instituted a server-side fix for the problem. The release of iOS 12.1.4 now brings relieve on the consumer side for iPhones and iPads.

The bug was initially discovered by a teenager, Grant Thompson, who stumbled across it while hanging out with friends. He told his mom about the exploit, who then tried to get in contact with Apple via email, phone, fax, Twitter and Facebook. Apple did not respond to any of her attempts to report the exploit, and after the Group FaceTime bug went public, she went on a tweet-storm to let the world know what transpired.

apple ces

Apple did eventually acknowledge Grant's part in discovering the Group FaceTime bug, writing in a statement, "We thank the Thompson family for reporting the bug. We sincerely apologize to our customers who were affected and all who were concerned about this security issue.

"We are committed to improving the process by which we receive and escalate these reports, in order to get them to the right people as fast as possible. We take the security of our products extremely seriously and we are committed to continuing to earn the trust Apple customers place in us."

Although Apple has not confirmed this, it's likely that the company will somehow attempt to reward Grant Thompson for his discovery under the iOS Bug Bounty program.


Via:  Apple
Show comments blog comments powered by Disqus