Benjamin Mayo of 9to5Mac, reporting on a serious iOS bug just discovered for FaceTime:

A significant bug has been discovered in FaceTime and is currently spreading virally over social media. The bug lets you call anyone with FaceTime, and immediately hear the audio coming from their phone — before the person on the other end has accepted or rejected the incoming call.

Naturally, this poses a pretty privacy problem as you can essentially listen in on any iOS user, although it still rings like normal, so you can’t be 100% covert about it. Nevertheless, there is no indication on the recipient’s side that you could hear any of their audio.

Mayo continues by listing the details of how to reproduce the bug yourself when calling someone else, which involves a few very simple steps that anyone can perform. The simplicity of reproduction makes this bug especially dangerous.

Following up on Mayo’s report, Dieter Bohn of The Verge shared that things get even worse:

To recap: due to this FaceTime bug, which appears to affect all devices running iOS 12.1 or later, any caller can gain access to another user’s microphone feed while the call is ringing. And if the person receiving the call in that scenario tries to dismiss the call, it may unintentionally be answered, activating the device’s camera as well.

Apple gave the following statement to John Paczkowski of BuzzFeed:

Hopefully ‘later this week’ ends up translating to the next day or two, as some serious havoc could be wrought by this bug on unsuspecting users. Until that software update is released, we strongly recommend disabling FaceTime from Settings ⇾ FaceTime on your devices, or at the very least be aware that incoming calls you receive could be tapping into your microphone without your consent.