Apple disables Walkie-Talkie app on Watch following iPhone eavesdropping vulnerability: Report
Apple has disabled its Walkie Talkie app on Apple Watch after it discovered a vulnerability which could allow people to listen to the conversation of a Watch user through the help of an iPhone, TechCrunch reported.
The Apple Watch’s Walkie Talkie app allows two users to do audio chats among each other through a push to talk interface. It was included in the Apple Watch only last year during the launch of Apple’s watchOS 5.
Apple did not give many details about the nature of the app’s bug or how many users it has affected. The app is reportedly installed in many Apple Watches however calls are not going through.
According to the TechCrunch report, Apple got to know about the problem through its report a vulnerability portal and has informed that there was no evidence that the bug was exploited.
The iPhone maker has said that it is only temporarily disabling the feature until it can ready a fix to the bug.
Apple in a statement to TechCrunch has said, “We were just made aware of a vulnerability related to the Walkie-Talkie app on the Apple Watch and have disabled the function as we quickly fix the issue. We apologize to our customers for the inconvenience and will restore the functionality as soon as possible. Although we are not aware of any use of the vulnerability against a customer and specific conditions and sequences of events are required to exploit it, we take the security and privacy of our customers extremely seriously. We concluded that disabling the app was the right course of action as this bug could allow someone to listen through another customer’s iPhone without consent. We apologize again for this issue and the inconvenience.”
To recall, earlier this year Apple had discovered a vulnerability in the FaceTime group calling functionality which let users listen in on Apple devices even before a call was picked up. Apple was reportedly slow in reacting to the bug back then. But this time around, the technology giant has closely followed the vulnerability tip it got and disabled the feature.
The company has also pushed out a silent update recently for its Mac users which removes the local web server installed in Mac devices by Zoom video conferencing app.