Apple releases fix for the FaceTime eavesdropping exploit and will pay a reward to the teen who found it

Key Points
  • Apple just released a fix for a group FaceTime exploit that let people eavesdrop on conversations.
  • Apple deactivated group FaceTime as a temporary holdover until it made a more permanent fix.
  • CNBC's Todd Haselton explains how to update your iPhone.
A customer looks at Apple's iPhone XS at the Apple Store in Tokyo, Japan.
Issei Kato | Reuters

Apple just released iOS 12.1.4 which includes a fix for a group FaceTime bug that let people eavesdrop on conversations even if they never answered a call.

The bug went viral last week after 14-year old Grant Thompson discovered that, while group FaceTiming with friends on his iPhone, he was able to hear someone who hadn't picked up when he called. Apple will compensate the teenager and his family for discovering the flaw. It will also make a contribution toward Grant's education.

Here's what Apple said on Thursday:

"Today's software update fixes the security bug in Group FaceTime," Apple said. "We again apologize to our customers and we thank them for their patience. In addition to addressing the bug that was reported, our team conducted a thorough security audit of the FaceTime service and made additional updates to both the FaceTime app and server to improve security. This includes a previously unidentified vulnerability in the Live Photos feature of FaceTime. To protect customers who have not yet upgraded to the latest software, we have updated our servers to block the Live Photos feature of FaceTime for older versions of iOS and macOS."

Here's how to update your iPhone:

  • Open settings on your iPhone.
  • Tap General.
  • Choose Software Update.

Let your iPhone download and install the new software.

How Apple responded to the teen who found the iPhone FaceTime bug