Apple has disabled the Walkie-Talkie app on the Apple Watch, because of a flaw that lets users eavesdrop on other people’s iPhones. The Walkie-Talkie app lets two people who had accepted an invitation send and receive short audio messages.

But Apple said it had been “made aware” of a flaw that “could allow somebody to listen through another customer’s iPhone without consent”. It has disabled the feature and apologised for the inconvenience.

However, Apple said it was not aware of the Walkie-Talkie bug being exploited by anybody in the real world. It said “specific conditions and sequences of events” would be required to exploit the bug.

Apple found a similar “eavesdropping” flaw in its FaceTime video-calling app back in January. In some cases, callers could activate the microphone on a target iPhone even if the recipient did not answer their call. It issued a software update to fix the flaw.

Webcam exposed

In a separate issue, video-conferencing platform Zoom has addressed a flaw that lets attackers access webcams without permission. Researcher Jonathan Leitschuh found a bug that lets attackers initiate video calls and access a target’s webcam. Zoom initially described the issue as low priority. But on Tuesday (9th of July, 2019), it issued an update to address the problem. “We appreciate the hard work of the security researcher in identifying security concerns on our platform,” it said in a statement.







Author avatar