Apple Extinguishes Malicious Software Bug That Exploits Personal FaceTime Conversations

From time to time, it comes to Apple’s attention that software vulnerabilities were discovered within one of its many mobile or desktop computing platforms. Indeed, the Silicon Valley tech-giant’s world-class software titles are by no means immune to all the bugs and viruses and computer-based mutations and what not — but the company is, for its part, rather “quick to the punch,” especially when it comes to addressing any issues that present themselves as an imminent threat to Apple’s customers.

For instance, just consider the freshly-minted set of iOS and OS X software updates that were released just yesterday. On the surface, they may seem unnecessary, or even unwarranted, sure; however, deep beneath the surface is where you’ll learn that these otherwise marginal updates were actually released in order to patch a nasty, underlying FaceTime vulnerability allowing knowledgeable Apple hackers were able to autonomously intercept, monitor, and even record audio content transmitted within a typical FaceTime call.

Prior to yesterday’s spur-of-the-moment update, according to Apple, “an unknown agent” would have been able to create deferred access to a “privileged network position” — from which, in turn, they’d have been able to exploit the vulnerability that was discovered and squashed yesterday afternoon.

The vulnerability, which Apple is still working to identify as of this morning, apparently made it so that any ill-willed agents could essentially include themselves in an ostensibly private FaceTime conversation — including even AFTER you’ve hung up the call! As if any of us would capriciously consent to some unknown entity eavesdropping in on our conversations, right? 

In any case, Apple has since patched the issue — via the release of intermittent software updates for both iOS and OS X, respectively, which also happen to be inclusive of over 60 new iOS and OS X upgrades. You can check out the whole kit and caboodle of them on Apple’s official security updates page. 

The issue, itself, was originally reported to Apple by one of the company’s own research staff members, Martin Vigo.

And while Apple provided the software updates, themselves, in a timely manner, the Cupertino-company, as usual, was somewhat mum on the intricate details of how, or by what means, the bug ultimately came to fruition.

But that’s just Apple, right? Cupertino is notorious for offering quick-fix solutions without delving into too much peripheral detail. However, from the brief description provided on Apple’s website, it appears that the FaceTime bug we’re talking about was some kind of “man-in-the-middle” type of interference.

The vulnerability has since been reserved with the identifier CVE-2016-4635 in the “Common Vulnerabilities and Exposures database”, however, as we mentioned, additional details have so far not been published.

Well, at least we’re protected in the interim, right?

What are your thoughts about this FaceTime vulnerability? Let us know in the comments!