The company told TechCrunch it found a vulnerability that allowed users to listen in on another iPhone without consent. Apple said it is not aware of any use of the vulnerability against a customer, although it was reportedly alerted to the bug through its report a vulnerability tool.
Here’s Apple’s statement on the matter:
“We were just made aware of a vulnerability related to the Walkie-Talkie app on the Apple Watch and have disabled the function as we quickly fix the issue. We apologize to our customers for the inconvenience and will restore the functionality as soon as possible. Although we are not aware of any use of the vulnerability against a customer and specific conditions and sequences of events are required to exploit it, we take the security and privacy of our customers extremely seriously. We concluded that disabling the app was the right course of action as this bug could allow someone to listen through another customer’s iPhone without consent. We apologize again for this issue and the inconvenience.”
The Walkie-Talkie app is a new feature that arrived on WatchOS 5 and precisely does what you’d expect: Turns your Apple Watch into a Walkie Talkie so you can have an easy one-on-one conversation – with someone who has a compatible Apple Watch – with a tap. It suggests contacts you frequently call, text or email, and it works over Wi-Fi and Cellular. For more, see our WatchOS guide.
Apple plans to roll out a fix to the app. In the meantime, it will remain installed on devices; it just won’t work until the flaw has been resolved.