Today Apple has released iOS 12.1.4, which is a minor point update that does not contain any major features. However, iOS 12.1.4 fixes what is considered one of the worst bugs in iOS history.
The bug enabled users to access the audio and video of any iPhone running iOS 12.1 or later without being detected. The way it works is by going to a contact and starting a FaceTime call, swiping up and selecting “Add Person” and then enter your own phone number and add yourself to the call.
Interestingly, a 14-year-old boy in Arizona named Grant Thompson was trying to play video games with friends when he accidentally discovered the vulnerability. On January 20, Grant’s mom Michele Thompson wrote a tweet that she contacted Apple Support about the problem in order to prevent the problem from falling into the wrong hands.
At first, Apple asked Michele to sign up as an Apple developer and file an official bug report. But then Apple acknowledged the issue and disabled Group FaceTime once the vulnerability gained a lot more attention. Apple also said that they are committed to improving the process by which these reports are received and escalated in the future.
“We have fixed the Group FaceTime security bug on Apple's servers and we will issue a software update to re-enable the feature for users next week. We thank the Thompson family for reporting the bug,” said an Apple spokesperson via MacRumors late last week. “We sincerely apologize to our customers who were affected and all who were concerned about this security issue. We appreciate everyone's patience as we complete this process.”
No comments:
Post a Comment