This week, Apple has rolled out security updates for different Apple products. These include numerous security fixes in watchOS and iOS. Thankfully, they also re-enabled Walkie Talkie with iOS 12.4 as Apple patched Walkie-Talkie bug reported lately.
Apple Patched Walkie-Talkie Bug
Around a week ago, Apple disabled the Walkie-Talkie app following the discovery of a bug. They came to know of an eavesdropping vulnerability in the app that breached users’ privacy. The flaw could let the app listen to users’ iPhone conversations without consent.
Upon acknowledgement of the flaw, Apple temporarily disabled the app to avoid any issues. This week, Apple patched Walkie-Talkie bug as it rolled out iOS 12.4. As mentioned in its advisory,
Includes a security fix for the Walkie-Talkie app on Apple Watch and re-enables Walkie-Talkie functionality.
Other iOS 12.4 Fixes
The newly released iOS 12.4 also carries numerous other security fixes. Some prominent security patches address vulnerabilities in Core Data (CVE-2019-8646, CVE-2019-8647, CVE-2019-8660) that could allow remote attacks leading to memory leak and arbitrary code execution, and multiple security flaws in WebKit.
Apple also fixed an out-of-bounds read flaw in Siri (CVE-2019-8646), a memory corruption issue in FaceTime (CVE-2019-8648), and a denial of service issue in Messages (CVE-2019-8665).
WatchOS 5.3 Rolled-Out
Alongside iOS 12.4, Apple has made numerous bug fixes with the release of watchOS 5.3 as well. Some of the bugs also affected iOS, such as CVE-2019-8648, CVE-2019-8665 and CVE-2019-8646, and Core Data flaws.
In addition, Apple also patched an out-of-bounds read flaw (CVE-2019-8624) affecting the Digital Touch. Upon exploit, it could enable a remote attacker to leak memory.
A flaw in Messages (CVE-2019-8659) also received a patch regarding which Apple stated in the advisory,
Users removed from an iMessage conversation may still be able to alter state.
Users of Apple products must ensure updating their devices to the latest OS versions to stay protected from potential exploits.
Take your time to comment on this article.
Latest posts by Abeerah Hashim (see all)
- Linux SUDO Vulnerability Found That Allows Low Privileged Users To Run Commands As Root - October 15, 2019
- Mozilla Hardens Their Firefox Browser To Fend Off Code Injection Attacks - October 15, 2019
- Samsung Customer Finds Simple Security Glitch That Allows Authentication Bypass in Galaxy S10 Fingerprint Reader - October 15, 2019