Last week, a major security flaw in Group FaceTime was discovered. Through a set of steps that were fairly easy to reproduce, users could hear the audio from the person they were calling before they even picked up the phone. Apple was quick to shut down the feature, and promised that a fix would be coming soon.
The fix is here now in the form of iOS 12.1.4, and there's a supplemental update for macOS 10.14.3. Apple will turn Group FaceTime calls back on, but only for people that install today's update.
There are some other security fixes in today's updates as well. In iOS 12.1.4, there's a fix for a Live Photos flaw that was discovered in FaceTime's security audit. There's an IOKit fix for an issue that allowed an app to execute code with kernel privileges, and a Foundation fix for an issue that allowed an app to gain elevated privileges. For the macOS supplemental update, it has the same changelog except for the IOKit issue.
Unfortunately, it seems like those running the iOS 12.2 beta don't have these fixes yet, so testers will have to wait until the next build.
6 Comments - Add comment