Apple Patches Group FaceTime FlawTeenaged Fortnite player gets credit for finding the bug.
Apple today issued software updates that fix a recently exposed Group FaceTime bug that would allow a caller to access your audio even if you don't pick up the call.
The teenager who found the bug while trying to set up a Group FaceTime session with friends, Grant Thompson, got an official acknowledgement from Apple in two advisories on the bug (CVE-2019-6223)—one for macOS Mojave 10.14.3 and other for iOS 12.1.4.
Apple described the flaw as a logic issue in how Group FaceTime handles calls, and that it had been filed "with improved state management." The patches came along with other security fixes, including another FaceTime service issue with Live Photos in FaceTime. "The issue was addressed with improved validation on the FaceTime server," Apple said in its advisory.
Dark Reading's Quick Hits delivers a brief synopsis and summary of the significance of breaking news events. For more information from the original source of the news item, please follow the link provided in this article. View Full Bio