While Apple normally likes to shout about its security efforts across its devices, the company has had a few notable slip ups lately. A few months ago, a FaceTime bug paved the way for secret eavesdropping through a Mac, iPhone or iPad microphone and now, a similar issue has been discovered as part of the Apple Watch Walkie-Talkie app.
The Walkie-Talkie app was introduced to WatchOS 5 last year and is also based on FaceTime. Watch users can add someone to their Walkie-Talkie contact list and then quickly communicate with them via the watch's speaker and microphone using a ‘push to talk' system just like a walkie talkie. While two users would normally need to accept an invite to activate Walkie-Talkie communication on the Apple Watch, a recently discovered vulnerability could allow users to circumvent this and eavesdrop with no knowledge from the targeted user.
Apple has since issued a statement clarifying that it is “aware of the vulnerability” and has disabled the Walkie-Talkie function on Apple Watch while they investigate a fix. Currently Apple is “not aware of any use of the vulnerability against a customer”, so it looks like whoever discovered the exploit managed to keep everything quiet while reporting the issue to Apple directly.
A fix hasn't rolled out just yet but we should hear more in the coming days.
KitGuru Says: Apple has had a couple of security slip-ups lately but we've seen that they are much quicker to action nowadays and tend to be very proactive when it comes to issues like this. Hopefully a fix can be rolled out fairly soon.