X

Apple fixes its FaceTime bug. You'll get a software update soon

It's ready to put Group FaceTime's eavesdropping issues behind it.

Roger Cheng Former Executive Editor / Head of News
Roger Cheng (he/him/his) was the executive editor in charge of CNET News, managing everything from daily breaking news to in-depth investigative packages. Prior to this, he was on the telecommunications beat and wrote for Dow Jones Newswires and The Wall Street Journal for nearly a decade and got his start writing and laying out pages at a local paper in Southern California. He's a devoted Trojan alum and thinks sleep is the perfect -- if unattainable -- hobby for a parent.
Expertise Mobile, 5G, Big Tech, Social Media Credentials
  • SABEW Best in Business 2011 Award for Breaking News Coverage, Eddie Award in 2020 for 5G coverage, runner-up National Arts & Entertainment Journalism Award for culture analysis.
Roger Cheng
2 min read
FaceTime grupal

Apple says the bug is fixed.

César Salza / CNET

Apple has closed the Group FaceTime security bug that put users at risk of eavesdropping.

The company said in a statement Friday that it has fixed the vulnerability on its servers and that it will issue a software update to re-enable Group FaceTime next week.

The bug had meant that any Apple device -- including iPhones , iPads and Macs -- could inadvertently or intentionally be turned into a listening device. It was all in how you entered the number of someone you were looping into the video chat. Group FaceTime, which arrived with iOS 12.1 at the end of October, allows up to 32 people to be on the same call.

Apple also apologized to users who were affected.

"We take the security of our products extremely seriously and we are committed to continuing to earn the trust Apple customers place in us," the company said.

Watch this: Apple’s FaceTime bug and why iPhone sales are slowing down

The bug was another black eye for a company that prides itself on its efforts to protect its users' information. CEO Tim Cook has advocated for more privacy regulation and taken subtle shots at companies that use our data to create personalized ads.

It didn't help matters that Apple missed an opportunity to fix the problem more promptly.

In its statement, Apple thanked the Thompson family for reporting the bug. Michele Thompson's teenaged son had discovered the vulnerability while playing Fortnite, CNET reported, and she spent a week trying, through a variety of means, to get the company to pay attention.

"I tried my best to report it to them, and they didn't listen," Thompson told CNET.

The bug allowed FaceTime users to call another device and hear audio on the other end before the recipient answered the call. That is, it turned the device into a hot mic without the user's knowledge.

In an awkward turn of events, the news broke on Data Privacy Day.

Apple said it's working on improving its process for receiving and escalating tips.

Here's Apple's full statement:

We have fixed the Group FaceTime security bug on Apple's servers and we will issue a software update to re-enable the feature for users next week. We thank the Thompson family for reporting the bug. We sincerely apologize to our customers who were affected and all who were concerned about this security issue. We appreciate everyone's patience as we complete this process. 

We want to assure our customers that as soon as our engineering team became aware of the details necessary to reproduce the bug, they quickly disabled Group FaceTime and began work on the fix. We are committed to improving the process by which we receive and escalate these reports, in order to get them to the right people as fast as possible. We take the security of our products extremely seriously and we are committed to continuing to earn the trust Apple customers place in us.

Privacy fight: Apple restores Facebook's permission to run internal apps

The return of the iPhone SE: The phone's available in the box, not as a refurb.