Apple releases bug fix for embarrassing security flaw that allowed FaceTime eavesdropping

Share

Apple has not revealed the exact amount it is giving 14-year-old Grant Thompson but it is believed to include money to help pay for his education. The company has come under fire for its delayed response. By initiating a Group Call and adding your own number after calling someone on FaceTime, it was possible to hear the recipient's audio before they answered.

Apple's bug bounty policy has led one security researcher to withhold details on a password-stealing vulnerability in the MacOS operating system.

Now, Apple has finally credited Thompson and Daven Morris from Arlington, Texas in the patch notes to its latest update.

The company also says they uncovered another flaw during a "thorough security audit of the FaceTime service".

Читайте также: Measles outbreak grows in anti-vaccination hot spot

The damage may already have been done, however, as the company is already facing lawsuits over the FaceTime bug as well as an upcoming grilling by concerned lawmakers. News of the bug first hit last Monday, (Jan. 28), and Apple disabled Group FaceTime later that night, to prevent users from being spied upon. While Apple had already addressed the issue on its servers, AppleInsider pointed out, iOS 12.1.4 fixes this exploit on devices.

Apple initially said it would release updates to macOS and iOS addressing the flaw within a few days of its public disclosure. The two vulnerabilities, known as CVE-2019-7286 and CVE-2019-7287, were related to a "memory corruption issue". You will need Wi-Fi access and your battery to be charged above 50 percent, or the device will need to be connected to a charger. Macs are also getting an updated version of macOS 10.14.3 to fix the Group FaceTime flaw, as this feature is also built into that platform.

Users can update their software by going to "Settings" on their device, choosing "General" and selecting "Software Update".

При любом использовании материалов сайта и дочерних проектов, гиперссылка на обязательна.
«» 2007 - 2019 Copyright.
Автоматизированное извлечение информации сайта запрещено.

Код для вставки в блог

Share