Apple has disabled its Walkie Talkie Watch app due to a vulnerability that could’ve allowed someone to listen in on other iPhones, the company told Techcrunch. In a statement, Apple said that the vulnerability — which requires specific conditions and actions to exploit — hasn’t been used against anyone as far as it knows. It apologized to users and said it would restore the app once a fix is found.
We were just made aware of a vulnerability related to the Walkie-Talkie app on the Apple Watch and have disabled the function as we quickly fix the issue. We apologize to our customers for the inconvenience and will restore the functionality as soon as possible. Although we are not aware of any use of the vulnerability against a customer and specific conditions and sequences of events are required to exploit it, we take the security and privacy of our customers extremely seriously. We concluded that disabling the app was the right course of action as this bug could allow someone to listen through another customer’s iPhone without consent. We apologize again for this issue and the inconvenience.
Walkie Talkie is a FaceTime feature that enables push-to-talk calls between users, provided they grant permission. The feature was added to Watch with the release of watchOS 5, and gives users a fun, Dick Tracy-like way to communicate, anywhere in the world.
Facetime has been Apple’s biggest security headache of late. Early this year, a teenager discovered a vulnerability that allowed someone to listen in on a call before it was picked up. Apple failed to respond promptly to that issue, which drew the attention of a US House Committee.
The company seems to have learned its lesson, handling the bug (reported on its vulnerability portal) promptly and taking action to mitigate it. Apple also took decisive action just yesterday after a major bug was reported with Zoom’s videoconferencing software.