Apple says it has fixed the Group FaceTime security bug on its servers, and they’ll issue a software (iOS) update for users next week. In addition, the Cupertino firm also apologized to customers.
Apple issued the following statement (via MacRumors):
We have fixed the Group FaceTime security bug on Apple’s servers and we will issue a software update to re-enable the feature for users next week. We thank the Thompson family for reporting the bug. We sincerely apologize to our customers who were affected and all who were concerned about this security issue. We appreciate everyone’s patience as we complete this process.
We want to assure our customers that as soon as our engineering team became aware of the details necessary to reproduce the bug, they quickly disabled Group FaceTime and began work on the fix. We are committed to improving the process by which we receive and escalate these reports, in order to get them to the right people as fast as possible. We take the security of our products extremely seriously and we are committed to continuing to earn the trust Apple customers place in us.
Revealed on Monday of this week, the FaceTime bug in question allowed one person to call another user on FaceTime, enter their own phone number as an additional users, and automatically attain access to the audio from the other person’s device even if that person didn’t accept the call. In some cases, video was also accessible.
While working on the fix, Apple disabled Group FaceTime on its servers, preventing the feature (and the bug) from working.
Apple has reportedly known about the bug for awhile, possibly at least since January 20, when the mother of a teenage contacted the iPhone maker. The woman says she didn’t receive any response from Apple, despite sending emails and a video.
Apple has already been hit with at least one lawsuit over the security issue, and New York State is launching a probe into whether Apple failed to properly warn its customers about the bug.
We’ll also tweet availability of the update when we see it, on our @MacTrast Twitter account.