iOS 12.1.4 Update Released, Fixing Group FaceTime Eavesdropping Bug
Apple has finally fixed the eavesdropping bug affecting the Group FaceTime feature through iOS 12.1.4. Alongside the latest iOS update, the Cupertino company has also restored the Group FaceTime server. This means all the devices running iOS 12.1.4 will now be able to use Group FaceTime. However, the feature is still not available for older iOS versions. Apple had disabled Group FaceTime last week — after the bug that allowed eavesdropping to users was reported publicly. The iOS 12.1.4 update is available for download for compatible iPhone and iPad models.
The official release notes of the iOS 12.1.4 update don’t detail any new additions. Nevertheless, Apple’s support page confirms that the new iOS update addresses the bug that allowed users to listen to the audio of other participants in a Group FaceTime call even if they hadn’t accepted that call. “A logic issue existed in the handling of Group FaceTime calls. The issue was addressed with improved state management,” the company wrote on the support page while briefing the fix.
The bug was first discovered on January 19 by a 14-year-old Arizona teenager. It was reported publiclyby major publications last week, though. Apple also on Thursday separately announced that it would contribute toward the education of the high school student who discovered the bug initially.
In the aftermath of the media reports about the bug, Apple had disabled the Group FaceTime feature altogether for all users. The iPhone maker had also notified users about the unavailability of the feature through the system status page on its website.
However, Apple has now restored the Group FaceTime server for all users who are on iOS 12.1.4. This means iPhone and iPad users having the latest iOS update can now make Group FaceTime calls. At the same time, users on older iOS versions — iOS 12.1.3 or a previous version — are still not allowed to use the group calling feature.
The system status webpage explicitly shows that the Group FaceTime service has been restored for the latest iOS version. We were able to independently verify the restoration of the Group FaceTime feature on devices running iOS 12.1.4. However, the ability to add new participants to a FaceTime call by swiping up the screen wasn’t available at the time of filing this story.
Separately, the engineers at Apple have also found an unidentified vulnerability in the Live Photos feature of FaceTime while conducting a thorough security audit of the FaceTime service and made changes accordingly. “To protect customers who have not yet upgraded to the latest software, we have updated our servers to block the Live Photos feature of FaceTime for older versions of iOS and macOS,” the company said in a media statement, as reported by 9to5Mac.
Google’s Project Zero security team additionally spotted that the iOS 12.1.4 update addresses a couple of zero-day vulnerabilities that were exploited in the wild. The two vulnerabilities, known as CVE-2019-7286 and CVE-2019-7287, were related to a “memory corruption issue”.
How to download iOS 12.1.4 update
The iOS 12.1.4 update is compatible with all the iPhone and iPad models running iOS 12. To download the latest version on your device, go to Settings > General > Software Update and then follow the on-screen instructions.
Your device should be using a Wi-Fi connection to download the over-the-air update. Also, it is recommended to back up your data, and ensuring your device has over 50 percent of charge or connected to a power source before beginning the update process.