SecureMac, Inc.

Computer security news. Just for Macs.

Get the latest computer security news for Macs and be the first to be informed about critical updates. Industry news, security events and all you need right at your fingertips. Malware threats change daily, so keep up to date on the latest developments to help ensure your privacy and protection. You can never be too safe.

Apple Switches Off Apple Watch Walkie-Talkies to Nix Eavesdropping Bug

Posted on July 12, 2019

In response to the discovery of a new critical bug in one of Apple’s own apps, the company has disabled some functionality in Apple Watches to protect users. 

The issue lies with the Walkie-Talkie app, a default app on the Apple Watch designed to let users connect with one of their friends directly for “push to talk” chatting. Once a staple feature on older cell phones, Apple included Walkie-Talkie as a fun addition — yet it seems to have come with a not so fun side-effect of its own. Details are scarce, but Apple says that it learned about a security flaw in the app via a submission to its public “Report a Vulnerability” page. 

What could this exploit allow? Apple says that someone leveraging a specific set of steps to trigger the bug could use it to listen in on someone else’s iPhone or Apple Watch without their permission — an obvious privacy concern. Apple did not disclose what the process is necessary to trigger the bug but did state that they were not aware of any instances in which the exploit had been used against a real customer. However, out of an abundance of caution, they were turning off access to the Walkie-Talkie app for now. 

This event recalls the Cupertino company’s response to a severe issue in Group FaceTime, discovered by a teenage gamer, that could have allowed users to eavesdrop on others through an unusual sequence of user inputs. In that case, Apple turned off the Group FaceTime servers entirely until they could formulate and deploy a solution to fix the problem. The situation with Walkie-Talkie functionality seems to be a similar case.

Apple is expected to release an update to correct the bug and to re-enable the feature as soon as possible, although the company did not provide a timeframe in its initial announcement. Check back for more information as this story develops. 

Join our mailing list for the latest security news and deals