FaceTime allowed eavesdropping on users
Detected bug appears on iOS version 12.1 and older, and is related to the FaceTime group calling feature.
The essence of the vulnerability is as follows:
1. The user is making a FaceTime call.
2. Before the caller answers, the user adds their number as another caller.
3. The application perceives this as a call activation and starts transmitting sound. This is despite the fact that the receiving person did not even answer the call.
4. And if the interlocutor presses the volume or off key, then the application will start transmitting the video as well.
Apple promised to fix the vulnerability by the end of this week and have currently disabled FaceTime at the server level.
The danger of an error is that the interlocutor will not notice the difference with a normal call. Therefore, if you want to be safe, you can turn off FaceTime on your device until the update.
iOS:
one. Go to the “Settings” section.
2. Select “FaceTime”.
3. Disable the feature.
macOS:
1 . Start the application.
2. Open the menu.
3. Turn off “FaceTime”.