Shortly after it was discovered a widespread security flaw allows Group FaceTime users to listen in on conversations before a call has been answered, Apple has completely disabled the feature.
As it stands right now, Group FaceTime is “temporarily unavailable” on iOS and macOS.
Launching a previous Group FaceTime chat from the platform’s ‘Call History’ results in the call attempting to launch, failing to go through and not properly cancelling (I was actually forced to turn my phone off and on again). Further, starting a new multi-person call results in a ‘temporarily unavailable’ message appearing.
The security flaw, which was first reported by Bloomberg and 9to5Mac, appears to only occur with Group FaceTime calls. MobileSyrup was able to independently confirm and replicate the flaw with an iPhone 8 Plus running iOS 12.1.2 and an iPhone X on iOS 12.1.3.
In order to replicate the security flaw, users need to launch a conference call, input someone’s phone number and then add the number of an additional contact. While waiting for the first person to pick up, if the second participant answers, the audio feed from the first contact is automatically turned on, allowing you to hear what their mic is picking up even if they don’t answer.
Apple says it will release an update later this week to fix the exploit. The bug is not present in the most recent public beta version of iOS 12.2.
In order to deactivate FaceTime on your iOS device, navigate to ‘Settings,’ then tap on ‘FaceTime’ and select ‘Off.’
Update 02/01/2019: Apple has released the following statement about the Group FaceTime glitch, stating that the company is “improve the process” regarding issues like this being reported.
“We have fixed the Group FaceTime security bug on Apple’s server’s and we will issue a security update to re-enable the feature for users next week. We thank the Thompson family for reporting the bug.
We sincerely apologize to our customers who were affected and all who were concerned about this security issue. We appreciate everyone’s patience as we complete this process.
We want to assure our customers that as soon as our engineering team became aware of the details necessary to reproduce the but, they quickly disabled Group FaceTime and began work on the fix. We are committed to improving the process by which we receive and escalate these reports, in order to get them to the right people as fast as possible.
We take the security of our products extremely seriously and we are committed to continuing to earn the trust Apple customers place in us.”