Apple disables Walkie Talkie app due to a vulnerability that could allow listening to the iPhone – TechCrunch

Apple has disabled the Apple Watch Walkie Talkie app due to an unspecified vulnerability that could allow a person to listen to the iPhone from another client without consent, said the company at TechCrunch tonight.

Apple is excused for the bug and for the inconvenience of not being able to use this feature as long as a fix is ​​made.

The Walkie Talkie app on Apple Watch allows two users who have accepted an invitation to receive audio chat via a "push-to-talk" interface reminiscent of the PTT buttons of older mobile phones.

A statement from Apple reads as follows:

We have just become aware of a vulnerability related to the Walkie Talkie application on the Apple Watch and have disabled the function while we are quickly solving the problem. We apologize to our customers for the inconvenience and restore functionality as soon as possible. Although we are not aware of any use of the vulnerability against a client and that specific conditions and sequences of events are necessary to exploit it, we take safety and security very seriously. the confidentiality of our customers. We concluded that disabling the application was the correct solution because this bug could allow someone to listen through the iPhone to another client without consent. We apologize again for this problem and the inconvenience.

Apple was alerted of the bug via its report via a vulnerabilities portal directly and indicated that there was no current evidence of its exploitation in the wild.

The company temporarily temporarily disables the feature until a fix can be made and extended to the devices. The Walkie Talkie app will remain installed on the devices, but will not work until it has been updated with the fix.

Earlier this year, a problem had been discovered in FaceTime's group call feature, which allowed people to listen before a call was accepted. It turned out that the teenager who discovered the bug, Grant Thompson, tried to contact Apple about the problem but could not get an answer. Apple corrected the bug and ended up rewarding Thompson with a bug bonus. This time, Apple seems to be listening more closely to reports coming through its vulnerability information line and turning off the feature.

Earlier today, Apple quietly pushed a Mac update to remove a feature of the Zoom Conferencing application that allowed it to bypass Mac restrictions to deliver a more hands-on calling experience. fluid, while allowing emails and websites to add a user to an active video call. without their permission.