Apple patches FaceTime eavesdropping bug, credits 14-year old who found it

Apple has released a iOS 12.1.4 with a fix for the bug that allowed FaceTime callers to listen in on a recipient’s iPhone even if the call was never answered. 

The iOS 12.1.4 patch caps off a busy week for Apple on security and privacy issues, with the company responding not just a gaping FaceTime hole in iOS security but Facebook and Google being caught misusing its enterprise program for distributing data-collecting apps to the public that should have been restricted to employees of each company.

Apple last week apologized over the FaceTime bug, which affected iOS 12.1 and later, if both caller and recipient were on those versions of Apple’s mobile OS. Group FaceTime arrived in iOS 12.1.

The bug was discovered by 14 year-old Grant Thompson of Arizona and reported by his mother in late January. Last week she publicly criticized Apple for the difficulties she faced reporting the bug.

Apple disabled the Group FaceTime feature about 10 days after her first attempts to contact it, but only after media outlets drew attention to the easily exploitable eavesdropping bug on January 28.