iPhone eavesdropping vulnerability forces Apple to disable its Walkie-Talkie app

 neowin.net  07/11/2019 09:52:01   Hamza Jawad

In January, a major security flaw was discovered in Apple's FaceTime service that allowed users to hear the person they were calling before the call was picked up. Although Apple apologized and promptly released a fix for the issue, it looks like the company might be in hot water with regards to security concerns yet again. A slightly similar but potentially larger vulnerability has now been discovered in the Walkie-Talkie app on the Apple Watch, leading to the tech giant temporary disabling the app.

The Walkie-Talkie app, released with watchOS 5 last year, enables users to converse with each other using a push-to-talk interface. Apple has confirmed that it has been notified about a bug in the app which could allow someone to listen through other people's iPhones without their consent. As of now, the company has stated that it is not aware of any users being affected by the issue. Apple's full statement to TechCrunch reads as follows:

"We were just made aware of a vulnerability related to the Walkie-Talkie app on the Apple Watch and have disabled the function as we quickly fix the issue. We apologize to our customers for the inconvenience and will restore the functionality as soon as possible. Although we are not aware of any use of the vulnerability against a customer and specific conditions and sequences of events are required to exploit it, we take the security and privacy of our customers extremely seriously. We concluded that disabling the app was the right course of action as this bug could allow someone to listen through another customer’s iPhone without consent. We apologize again for this issue and the inconvenience."

Apple was informed of the vulnerability through its portal designed for this specific purpose. For now, the app is being disabled while a fix is worked upon. However, it will continue to remain installed on users' devices during this time period. Stay tuned for updates on a potential fix being rolled out.

Source: TechCrunch

« Go back