Apple releases iOS 12.1.4, fixes iPhone FaceTime spying bug


A United States teenager who discovered a security flaw in Apple's FaceTime video-calling system has been given a bug bounty. According to the release notes, this bug was caused by a logic issue in how Group FaceTime calls were handled. The teenager uncovered the problem when using FaceTime to talk about strategies for the Fortnite game with friends.

Group FaceTime remains permanently disabled in the earlier versions of iOS that could run it, back to iOS 12.1, though the Group FaceTime servers have been re-enabled. By initiating a Group Call and adding your own number after calling someone on FaceTime, it was possible to hear the recipient's audio before they answered. This means iPhone and iPad users having the latest iOS update can now make Group FaceTime calls. The fix was included in a rollout of the iOS update 12.1.4 on Thursday.

Alternatively, if you have Automatic Updates enabled (you can find this setting in Settings General Software Update), then you can just wait for it to automatically download and install.

More news: India vs New Zealand: T20I Series Schedule, Venue & Match Timings

As we see from the video there are no major speed improvements in the new iOS 12.14 over the previous iOS 12.1.3 software. We were able to independently verify the restoration of the Group FaceTime feature on devices running iOS 12.1.4.

In a recent interview with CNBC, Grant and Michele Thompson revealed that an Apple executive (they wouldn't reveal who) flew out to meet with them both after the news broke about the FaceTime bug. The CVE-2019-7286 vulnerability is apparently a "memory corruption issue" that potentially allowed "an application to gain elevated privileges", with a different "memory corruption issue" referenced as CVE-2019-7287 as it opened the door for "an application to execute arbitrary code with kernel privileges".

To update your Mac, open System Preferences (Apple Logo System Preferences), click Software Update and click Update Now.