iPhone, iPad, or Mac users might disable FaceTime to avoid being spied through their devices.
Experts warn that it is possible to call someone via FaceTime and listen via the microphone of their devices before they accept or reject the call.
“There’s a major bug in FaceTime right now that lets you connect to someone and hear their audio without the person even accepting the call.” reads a thread published on MacRumors.
“This bug is making the rounds on social media, and as 9to5Mac points out, there are major privacy concerns involved. You can force a FaceTime call with someone and hear what they’re saying, perhaps even without their knowledge.
We tested the bug at MacRumors and were able to initiate a FaceTime call with each other where we could hear the person on the other end without ever having pressed the button to accept the call.”
The flaw affected iOS 12.1 and 12.2 versions, and
The procedure to exploit this vulnerability is:
When a connection is started, the screen of the caller appears like a standard Group FaceTime call sans video, while on the other person’s screen, it still looks like the call hasn’t been accepted.
The experts pointed out that if the callee press the power button, the front-facing camera feed is also secretly shown to the caller.
Below a video showing the issue:
“The damage potential here is real. You can listen in to soundbites of any iPhone user’s ongoing conversation without them ever knowing that you could hear them. Until Apple fixes the bug, it’s not clear how to defend yourself against this attack either aside from disabling FaceTime altogether.”reported 9to5mac.com.
“As it stands, if your phone is ringing with an incoming FaceTime request, the person on the other end could be listening in.”
Apple will release a security patch to address the vulnerability later this week.
In you want to disable FaceTime follow these instructions.
“Apple says the issue will be addressed in a software update “later this week”. (Update: Apple has taken Group FaceTime offline in an attempt to address the issue in the interim).” continues 9to5mac.com.