Apple iOS Update Fixes Group FaceTime Privacy Bug. Reward Goes to Teen Who Discovered the Glitch
Apple stomped the group FaceTime bug that allowed people to eavesdrop on other iPhone users. The fix was included in a rollout of the iOS update 12.1.4 on Thursday.
While that’s great news for iPhone users, the kid who found the bug, 14-year-old Grant Thompson, has even more reason to celebrate. Apple is compensating Thompson’s family and making an additional gift toward his education.
The iPhone maker declined to comment on how much it was giving the Thompson family, however the bug bounty payout comes after Apple was initially slow to respond to multiple attempts from Michele Thompson, the teen’s mother, who reported the bug. Apple’s bug bounty program, which was launched in 2016 to engage outside security researchers, offers as much as $200,000 for a bug.
After the bug was disclosed last month, Apple temporarily pressed disable on group FaceTime until it could roll out the iOS 12.1.4 update to fix the problem.
“We again apologize to our customers and we thank them for their patience. In addition to addressing the bug that was reported, our team conducted a thorough security audit of the FaceTime service and made additional updates to both the FaceTime app and server to improve security,” the company said in a statement.
It turns out, the downtime led Apple to another vulnerability in its LivePhotos feature of FaceTime.
“To protect customers who have not yet upgraded to the latest software, we have updated our servers to block the Live Photos feature of FaceTime for older versions of iOS and macOS,” the statement said.