Apple has advised it has repaired a security hole in Group FaceTime that allowed users to listen in to others without their permission on its servers, with a software update to address the issue on iPhones and iPads arriving in the next week.
In a statement received by AppleInsider, Apple explains it has formed a solution to the Group FaceTime exploit, and has already deployed the fix to its servers. As part of the repair process, Apple will also be releasing an update that makes changes to Group FaceTime on the client-side, re-enabling the feature at the same time.
Shortly after the discovery of the bug, Apple quickly disabled Group FaceTime for all users while a fix was in production.
While Apple has been criticized for being slow to respond to a user advising there was a privacy issue, the iPhone producer thanks "the Thompson family" for reporting the bug, adding "We are committed to improving the process by which we receive and escalate these reports, in order to get them to the right people as fast as possible."
In the wake of the exploit's discovery, Apple has become the subject of multiple lawsuits over the feature, with activities in the United States and Canada, as well as an investigation by New York state, currently underway.
Apple also uses the statement to apologize to customers who were affected or concerned by the issue.
Apple's full statement reads:
We have fixed the Group FaceTime security bug on Apple's server's and we will issue a security update to re-enable the feature for users next week. We thank the Thompson family for reporting the bug.We sincerely apologize to our customers who were affected and all who were concerned about this security issue. We appreciate everyone's patience as we complete this process.
We want to assure our customers that as soon as our engineering team became aware of the details necessary to reproduce the but, they quickly disabled Group FaceTime and began work on the fix. We are committed to improving the process by which we receive and escalate these reports, in order to get them to the right people as fast as possible.
We take the security of our products extremely seriously and we are committed to continuing to earn the trust Apple customers place in us.
Group FaceTime functionality will not be restored to devices that aren't updated with the new patch.
6 Comments
I believe apple handled this security issue , as fast as possible. I hope apple analyses bugs with more employees next time.
Apple fixed it as soon as they could. People expecting an instantaneous response are delusional. How long does it take for the government to call for a recall on dangerous goods? How long does it take for a bug to reach someone who can shut off a service?
I hope the typos in the quoted statement (“server’s” and “reproduce the but”) are from AppleInsider’s end and not the original Apple statement.
That aside, it’s good to know the fix is coming soon.
😎🇮🇪☘️