SAN FRANCISCO — Apple has released an iPhone update to fix a software flaw that allowed people to eavesdrop on others while using FaceTime.
The bug enabled interlopers to turn an iPhone into a live microphone while using Group FaceTime. Callers were able to activate another person’s microphone remotely even before the person has accepted or rejected the call.
Apple turned off the group-chat feature last week, after a 14-year-old boy in Tucson, Arizona, discovered the flaw. The teenager, Grant Thompson, and his mother said they unsuccessfully tried to contact the company about the problem for more than a week. Apple has been criticized for the delay in responding and has promised to improve procedures.
The FaceTime repair is included in the latest version of Apple’s iOS 12 system, which became available to install Thursday.
Although the FaceTime bug has now been addressed, its emergence is particularly embarrassing for Apple. The bug exposed Apple customers to potential surveillance at a time that CEO Tim Cook has been repeatedly declaring that personal privacy is a “fundamental human right.”
Cook also has publicly skewered Facebook and Google, two companies that collect personal information to sell advertising, for not doing enough to protect people’s privacy.
Apple credited Thompson for discovering the FaceTime bug as part of its software update, nearly a week after thanking him for reporting the bug in the first place.
As often occurs when people flag software flaws, Thompson will be rewarded for his sleuthing. Apple plans to contribute to Thompson’s college fund in addition to paying a bounty to him and his family for reporting the bug. The company, which has $245 billion in cash, isn’t disclosing the amounts.