Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

iOS 12.1.4 Now Available With Group FaceTime Bug Fix

MacRumors

MacRumors

macrumors bot
Original poster
Apr 12, 2001
63,523
30,816



Apple today released a new iOS 12.1.4 update for the iPhone, iPad, and iPod touch, with the new software designed to fix an insidious privacy-invading Group FaceTime bug that could be exploited to eavesdrop on conversations.

The new iOS 12.1.4 software can be downloaded on all eligible devices over-the-air using the Settings app. To download it, go to Settings --> General --> Software update.


Though Apple's release notes for the update list "security updates" without going into specifics, the issue that's being fixed here is the Group FaceTime vulnerability. After the bug was widely publicized last week, Apple promised a fix, which was delayed to this week.

The FaceTime bug allowed someone to spy on you without your permission or knowledge. By exploiting the bug, a person could initiate a FaceTime call with you and then add themselves to the call again to force a Group FaceTime connection.

When this happened, the bug caused the person to be able to hear the audio on your end, despite the fact that the call was never answered and still looked like a standard FaceTime incoming call interface. In some situations, if you pressed the side button to silence a call, it would even give the person access to your video.

It was a serious bug, so serious that Apple took its entire Group FaceTime server offline as the company took the time to prepare the iOS 12.1.4 update. The Group FaceTime bug was publicized last Monday and Group FaceTime has been offline since then.

The Group FaceTime bug may have required some major under-the-hood changes to FaceTime given that it took Apple nearly two weeks to fix the issue. Following today's update, the Group FaceTime bug will no longer be able to be exploited and Apple will be able to bring its Group FaceTime server back online.

It continues to be unclear just how long the Group FaceTime bug was available for. Group FaceTime was introduced last October, and Apple has not let us know if the bug has been around since that launch date or if it was introduced in a later iOS 12 update.

Article Link: iOS 12.1.4 Now Available With Group FaceTime Bug Fix
 
Article Link
https://www.macrumors.com/2019/02/07/ios-12-1-4-group-facetime-fix-now-available/
AngerDanger

AngerDanger

Graphics
Staff member
Dec 9, 2008
5,452
29,003

Still really digging the all caps "MAJOR" in the title of the video, but I think the thumbnail needs more work to really grab people's attention.

g7BqFdK.gif


M-Life said:
So is Group FaceTime re enabled server side? Or do they wait for a certain percent to upgrade? Those on 12.1.3 will still be vulnerable correct?
Click to expand...
I presume Group FaceTime is re-enabled server side for all those who make a FaceTime call with the newest version of iOS. It probably remains disabled for earlier versions.
 
Last edited:
  • Like
Reactions: Totemsflare, MrGuder, leventozler and 11 others
mi7chy

mi7chy

macrumors G4
Oct 24, 2014
10,495
11,155
Who's going to be first to find the new sequence of steps to retrigger it like the recurring iMessage DoS bug with new sequence of characters.
 
  • Like
Reactions: poe diddley and wwetech
M-Life

M-Life

macrumors 6502a
Jul 15, 2006
515
1,350
Hol-Leawood
AngerDanger said:
I presume Group FaceTime is re-enabled server side for all those who make a FaceTime call with the newest version of iOS. It probably remains disabled for earlier versions.
Click to expand...

Thanks. You can tell my tech background is lacking, I didn't know this was possible.
 
jsmith189

jsmith189

macrumors 68000
Jan 12, 2014
1,705
3,406
Very strange. Pressed install, and it asked for my passcode, but also said I'd had three failed attempts already. It was definitely my first.

Anyway, installing now. Fingers crossed lol.
 
M

MoreRumors?

macrumors 6502a
Feb 28, 2018
894
674
I figure I may as well do it now. Who knows how many have heard me give off various gas ;).

KPOM said:
It shows up for my iPad but not my iPhone yet. Odd.
Click to expand...
I was able to do it on my iPhone, then again some are able to get it at various time. I will have to do the iPads and Mac later.
 
theapplehead

theapplehead

macrumors 6502a
Dec 17, 2018
782
929
North Carolina
MacRumors said:



Apple today released a new iOS 12.1.4 update for the iPhone, iPad, and iPod touch, with the new software designed to fix an insidious privacy-invading Group FaceTime bug that could be exploited to eavesdrop on conversations.

The new iOS 12.1.4 software can be downloaded on all eligible devices over-the-air using the Settings app. To download it, go to Settings --> General --> Software update.


Though Apple's release notes for the update list "security updates" without going into specifics, the issue that's being fixed here is the Group FaceTime vulnerability. After the bug was widely publicized last week, Apple promised a fix, which was delayed to this week.

The FaceTime bug allowed someone to spy on you without your permission or knowledge. By exploiting the bug, a person could initiate a FaceTime call with you and then add themselves to the call again to force a Group FaceTime connection.

When this happened, the bug caused the person to be able to hear the audio on your end, despite the fact that the call was never answered and still looked like a standard FaceTime incoming call interface. In some situations, if you pressed the side button to silence a call, it would even give the person access to your video.

It was a serious bug, so serious that Apple took its entire Group FaceTime server offline as the company took the time to prepare the iOS 12.1.4 update. The Group FaceTime bug was publicized last Monday and Group FaceTime has been offline since then.

The Group FaceTime bug may have required some major under-the-hood changes to FaceTime given that it took Apple nearly two weeks to fix the issue. Following today's update, the Group FaceTime bug will no longer be able to be exploited and Apple will be able to bring its Group FaceTime server back online.

It continues to be unclear just how long the Group FaceTime bug was available for. Group FaceTime was introduced last October, and Apple has not let us know if the bug has been around since that launch date or if it was introduced in a later iOS 12 update.

Article Link: iOS 12.1.4 Now Available With Group FaceTime Bug Fix
Click to expand...
It’s about time Apple. Only a week behind......but who even uses Group FaceTime anyways? Might as well update just in case
 
4

44267547

Cancelled
Jul 12, 2016
37,642
42,491
theapplehead said:
but who even uses Group FaceTime anyways?
Click to expand...

Really? Broaden your imagination. This is a _huge_ tool for companies for communicating when they can’t congregate together or if employees are spread about, or family members that are set apart that can’t can see each other regularly.

The Agency that I work for, is already planning on using group FaceTime for when we have a scheduled meeting, when not all the employees can attend because we work different shifts/hours. I would say this a nice advantage to have when I can be at home and talk to my supervisor/other fellow colleagues direct with this new feature.
 
  • Like
Reactions: DynoRunnerr, martyjmclean, t1meless1nf1n1t and 2 others
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom