Apple Temporarily Disables Walkie-Talkie App for Apple Watch Due to Eavesdropping Vulnerability
The company issued a statement noting that it was just notified about the vulnerability and has temporarily disabled the Walkie-Talkie functionality while a fix is developed. The Walkie-Talkie app will remain installed on users' Apple Watches, but it will not be functional until the fix is deployed.
We were just made aware of a vulnerability related to the Walkie-Talkie app on the Apple Watch and have disabled the function as we quickly fix the issue. We apologize to our customers for the inconvenience and will restore the functionality as soon as possible. Although we are not aware of any use of the vulnerability against a customer and specific conditions and sequences of events are required to exploit it, we take the security and privacy of our customers extremely seriously. We concluded that disabling the app was the right course of action as this bug could allow someone to listen through another customer’s iPhone without consent. We apologize again for this issue and the inconvenience.
Walkie-Talkie debuted last fall in watchOS 5, and it allows users to easily communicate with each other via voice from their wrists using a push-to-talk function.
As TechCrunch points out, the issue is reminiscent of a serious Group FaceTime bug discovered early this year that could allow callers to hear a user's audio without the call being accepted. In that scenario, Apple remotely disabled Group FaceTime once the issue was discovered, and pushed out an emergency bug fix a week and a half later as part of iOS 12.1.4.