Skip to main content

Apple releases iOS 12.1.4 to fix Group FaceTime security flaw

Apple releases iOS 12.1.4 to fix Group FaceTime security flaw


Update your devices right now

Share this story

A photo of the iPhone with the FaceTime icon
Photo by Dan Seifert / The Verge

Apple is releasing iOS 12.1.4 today to fix a security flaw in the company’s Group FaceTime feature. Discovered last week, the bug allowed anyone to call a phone or Mac and listen in before the other person picked up. Apple has now fixed the flaw that let you add yourself to a FaceTime call before the recipient picked up, tricking FaceTime into thinking it was an active call.

Apple quickly disabled its Group FaceTime feature on the server side to prevent people from exploiting this flaw, after the details emerged publicly last week. It later emerged that Apple was warned about this major FaceTime flaw a couple of weeks ago, but that the company was slow to respond through its official channels. It’s still not clear how long this security flaw existed in iOS 12, given that Group FaceTime was introduced three months ago with the iOS 12.1 update.

While Apple had promised to release a fix for the problem last week, it delayed the update until today. Apple is now “committed to improving” how it deals with bug reports in the future, to avoid situations where bug reports may be ignored. Apple is also working on its iOS 12.2 update, which includes new giraffe, shark, warthog, and owl Animoji and an endorsement of AT&T’s fake 5G E network.