Apple Watch Walkie Talkie App Disabled After Eavesdropping Security Flaw Discovered
Apple has announced that it has disabled the Apple Watch Walkie Talkie app due to a recently discovered security and privacy vulnerability in the app. Apple didn't give any specifics on the vulnerability, only stating that the flaw could allow a person to listen on another customer's conversation without consent. Apple has apologized to users for removing the app, but it is working on a fix.
Once a fix is made to address the vulnerability, Apple is expected to relaunch the Walkie Talkie app. Apple did issue a statement on the vulnerability, saying that it disabled the function "as we quickly fix the issue." Apple goes on to say that it will restore functionality as soon as possible. The statement also makes it clear that Apple is not aware of any use of the vulnerability against a customer.
While the nature of the vulnerability and the steps required to exploit it are unknown at this point, Apple did note that exploiting the vulnerability required specific conditions and sequences of events. Apple maintains that security and privacy is something that it takes "extremely seriously" and that disabling the app function was the "right course of action."
Apple will leave the Walkie Talkie App on Apple Watches, but the app won't function until a fix can be made. Recently, Apple had a bug in group FaceTime earlier this year that could have allowed eavesdropping on iPhone users. The teen who discovered that flaw was eventually paid via the Apple Bug Bounty program.
Apple was alerted to the Walkie Talkie App flaw directly via its vulnerability reporting portal. Presumably, the person who discovered this flaw will be paid a bug bounty for reporting it.