Apple fixes Group FaceTime bug with iOS 12.1.4 update
Apple has released the iOS 12.1.4 update, closing the Group FaceTime bug issue that affected users recently. With the security update, Apple has turned the Group FaceTime feature back on.
Last week, users discovered that the application had a bug where they can hear the audio of the person they’re calling even if it hasn’t been picked up yet. Along with the OS update, Apple gave out the following statement:
“Today’s software update fixes the security bug in Group FaceTime. We again apologize to our customers and we thank them for their patience. In addition to addressing the bug that was reported, our team conducted a thorough security audit of the FaceTime service and made additional updates to both the FaceTime app and server to improve security. This includes a previously unidentified vulnerability in the Live Photos feature of FaceTime. To protect customers who have not yet upgraded to the latest software, we have updated our servers to block the Live Photos feature of FaceTime for older versions of iOS and macOS.”
In the detailed security information of the update, Apple noted the bug users experienced and also gave credit to the teenager, Grant Thompson, who first discovered the vulnerability and alerted the company about it.
Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation
Impact: The initiator of a Group FaceTime call may be able to cause the recipient to answer
Description: A logic issue existed in the handling of Group FaceTime calls. The issue was addressed with improved state management.
CVE-2019-6223: Grant Thompson of Catalina Foothills High School, Daven Morris of Arlington, TX
Group FaceTime will now require iOS 12.1.4 for it to work. Users who are still on iOS 12.1.1 to 12.1.3 will have the feature disabled and are encouraged to update to the latest OS for their own security as well.