This morning, Apple released iOS 12.1.4 update for iPhone, iPad and iPod. This update was released to fix the FaceTime group chat vulnerability which violated users privacy. Apple previously blocked the vulnerability through the offline FaceTime group chat server, making the feature unusable. Currently, all devices that can run iOS 12 can be updated to iOS 12.1.4 via Settings – General – Software Update.
Although Apple did not elaborate on the update, the updated security documentation mentions a fix for the FaceTime Group Chat vulnerability. After the vulnerability was exposed last week, Apple promised to fix it, but then said in a statement that the release of the software update will be postponed to this week. Apple has updated the system status page, which shows that FaceTime group chat has been re-launched, but users need to update to the latest iOS 12.1.4, while the FaceTime group chat feature remains disabled for users of the previous system. Considering that it took Apple nearly two weeks to fix this problem, the FaceTime group chat bug may require some significant internal changes to FaceTime. It is believed that after today’s update, this vulnerability will no longer be exploitable by malicious people.
The FaceTime group chat feature was launched in October last year, and there is no idea if the vulnerability existed since the release date or if it came with an iOS 12 update. The company is already subject to investigations from the New York government and federal lawmakers regarding the FaceTime vulnerability. Despite the release of this update, Apple will still answer some questions already sent to it by federal lawmakers.