Apple introduced a unique communication feature with watchOS 5 that allowed the Apple Watch to double as a walkie talkie using a dedicated app. The company has now disabled the eponymous Walkie-Talkie app due to a vulnerability that could allow malicious parties to eavesdrop on another person through an iPhone and listen to their conversation. The vulnerability was brought to light using Apple's own platform for reporting security issues and vulnerabilities. Details on how the vulnerability could be exploited have not been made public, but the app has been disabled until the flaw is fixed.
As per a report from TechCrunch, Apple was alerted about the vulnerability via the company's official vulnerability reporting portal and as soon as it was confirmed, Apple shut down the functionality of the Walkie-Talkie app to make sure that the flaw is not exploited. As per Apple, there have been no reports so far of the vulnerability being exploited.
“We were just made aware of a vulnerability related to the Walkie-Talkie app on the Apple Watch and have disabled the function as we quickly fix the issue”, Apple said in a statement. The company added that exploiting the Walkie-Talkie app vulnerability requires a very specific set of conditions and sequence of executable steps to let an individual eavesdrop on another user through their iPhone. "We concluded that disabling the app was the right course of action as this bug could allow someone to listen through another customer's iPhone without consent," the statement added.
Apple apologised for the inconvenience caused by disabling the Walkie-Talkie app's functionality, rendering it unusable, and has promised to get the app working as soon as the vulnerability has been patched. The app will remain installed, but will only revert back to functioning normally once the flaw has been addressed, possibly via a small update.