It is recommended that Apple users disable this app, at least until it is updated
Network security and ethical hacking specialists
from the International Institute of Cyber Security reported the discovery of an
unpatched vulnerability in FaceTime,
the Apple
application for making audio and video calls. According to reports, this bug
would allow the receiver of a call to be viewed or heard before answering the
call.
This incident has become viral on Twitter and
other social network platforms, where users have shown their discomfort with
this security flaw, as any Apple device could become a spy machine without the
victim being able to realize it.
Network
security
specialists tested an iPhone X (with iOS 12.1.2) to verify the presence of the
vulnerability, making sure that the error exists. The test was also successful
on a MacBook with the Mojave MacOS.
This flaw, which some experts consider more a
design flaw than vulnerability, resides in the FaceTime group call feature,
recently launched by Apple. The process to reproduce the error is as follows:
- Start
a FaceTime video call with any contact - While
dialing the contact, slide up from the bottom of your iPhone screen and select “Add
Person” - In
“Add Person”, add your own number - This
will initiate a FaceTime group call between you and the person you called, so
you can listen to the caller’s receiver, even if the person still does not
accept the call
Network security specialists also mentioned
that if the person receiving the call presses the volume or the on/off button
(to mute or reject the call) the iPhone camera could turn on.
The company said that it has knowledge of the
incident and that it is already working on the correction of this bug. As the
FaceTime update arrives, Apple decided to temporarily disable the group call
feature, the flaw is expected to be corrected over the course of this week.
-
Disable on iPhone or iPad: Go to Settings, scroll down to
find the ‘FaceTime’ icon and choose ‘Disable function’ -
Disable on Mac: Open FaceTime on your Mac and
click on the upper left corner of the menu bar and then click “Disable
FaceTime”
