Earlier this month, Apple’s Walkie-Talkie app was disabled on the Apple Watch after a vulnerability was discovered.
Apple has apologised for the app’s outage but haven’t gone into any detail about the exploit. The company told TechCrunch that the vulnerability allows users to listen in on other iPhones and that ‘specific conditions and sequences of events are required to exploit it’. However, they also stated that there’s no evidence that the vulnerability was exploited.
Apple’s statement regarding the issue reads:
‘We were just made aware of a vulnerability related to the Walkie-Talkie app on the Apple Watch and have disabled the function as we quickly fix the issue. We apologize to our customers for the inconvenience and will restore the functionality as soon as possible. Although we are not aware of any use of the vulnerability against a customer and specific conditions and sequences of events are required to exploit it, we take the security and privacy of our customers extremely seriously. We concluded that disabling the app was the right course of action as this bug could allow someone to listen through another customer’s iPhone without consent. We apologize again for this issue and the inconvenience.’
The Apple Watch app allows users to send an invite to another user to enable a push-to-talk call through the watch. The app was added to Apple Watches in the release of watchOS 5 last year and will still be installed on the watches now, but calls won’t connect.
Earlier this year, Apple disabled another of its services due to a vulnerability, group FaceTime calling. The company was slow to respond to the group calling issue, reportedly not responding to the individual attempting to report the bug, but they’ve been seen to be out in front of the Walkie-Talkie vulnerability.
This month Apple also pushed out an update to disable a feature in the Zoom conferencing app on Macs that allowed users webcams to be remotely activated by any website if they had the Zoom app installed.