A serious FaceTime Group Call bug was discovered that lets you instantly access audio from the microphone and potentially the video of the person you called on FaceTime. The bug was fixed, but new issues have arisen in its place.
Update: February 18, 2019: FaceTime bug fix removes the 'Add Person' feature for one-to-one calls
Apple pushed out iOS 12.1.4 recently to fix the security bug with Group FaceTime. The fix, it appears, is in part, to keep the "Add Person" feature disabled for FaceTime calls that start out as one-to-one calls. As discovered by MacRumors forum members, when starting a FaceTime call with a single person, you can't add a person to that call.
Though some FaceTime users also reported not being able to add a second person, even during a call that started as a Group call, I was able to successfully start a Group call with two others, and add a fourth person.
It's important to note that you can't Group FaceTime with anyone not running iOS 12.1.4. If your friends are still running an older version of iOS, or if they're in the beta program (which hasn't pushed out a Group FaceTime bug fix yet), their names will be grayed out and you won't be able to start or add them to a Group FaceTime call.
According to a FaceTime user that contacted Apple Support, the Add Person bug is a known issue, with no information about whether or when it will return.
The following is the original article regarding the issue.
February 1, 2019: Apple has sent me a new statement:
"We have fixed the Group FaceTime security bug on Apple's servers and we will issue a software update to re-enable the feature for users next week. We thank the Thompson family for reporting the bug. We sincerely apologize to our customers who were affected and all who were concerned about this security issue. We appreciate everyone's patience as we complete this process.We want to assure our customers that as soon as our engineering team became aware of the details necessary to reproduce the bug, they quickly disabled Group FaceTime and began work on the fix. We are committed to improving the process by which we receive and escalate these reports, in order to get them to the right people as fast as possible. We take the security of our products extremely seriously and we are committed to continuing to earn the trust Apple customers place in us."
Here's the previous statement Apple provided:
"We're aware of this issue and we have identified a fix that will be released in a software update later this week."
UPDATE: Apple has turned off the Group FaceTime service, effectively killing the bug and any potential exploit, until a proper fix is pushed out.
UPDATE: Apple has taken down FaceTime Group Calls to prevent anyone from abusing the bug before the fix is pushed out.
News of the audio bug first started making the rounds on social.
Now you can answer for yourself on FaceTime even if they don’t answer🤒#Apple explain this.. pic.twitter.com/gr8llRKZxJNow you can answer for yourself on FaceTime even if they don’t answer🤒#Apple explain this.. pic.twitter.com/gr8llRKZxJ— DEAD FRIENDS™ (@DeadFriendsCHI) January 28, 2019January 28, 2019
It was then picked up and reproduced by 9to5Mac and Buzzfeed, among others, where the video portion of the bug was discovered.
And, thanks to Continuity, if you have multiple devices logged into FaceTime and running iOS 12 or macOS Mojave, the chaos is exponential — all the devices will ring and can potentially be used to access the respective device mics.
After years of relative inactivity, with iOS 12, Apple greatly enhanced and expanded FaceTime. In addition to Memoji and AR stickers, Apple added FaceTime Group Calls, which finally allowed for multi-user coherence calling on FaceTime.
It appears to be that new conference calling system that's allowing the remote mic and potential camera exploit to function.
As always, bugs happen, so all we can do is wait and see how well and quickly Apple fixes it. Which, according to the statement, should be very soon.
