Apple prides itself on its security. At CES, it even promoted the line “What happens on iPhone stays on iPhone.” So it was unexpected when reports surfaced about a vulnerability in FaceTime that lets people eavesdrop on group FaceTime chats.
The vulnerability, found in iOS 12.1, was so easy to exploit and so far-reaching that experts recommended turning off FaceTime, government agencies started investigations, and even Apple itself disabled the group chats feature.
Apple says it’s fixed the problem and will push out a software update to affected users soon. However, as the story broke, Armis worked side by side with our clients and partners to let them know if they were exposed. Armis lets you take inventory of impacted devices specifically running the impacted versions of iOS 12.1.x.
This is a simple query from Armis that took less time to return results than it took you to read this sentence.
We went a step further and peered into the traffic to detect actual FaceTime usage on those devices:
Some clients chose to create simple policies within Armis that alert the appropriate IT/Security personnel and even block those devices automatically from the corporate network.
Armis detects vulnerabilities like these automatically, and mitigates the risk to help keep what happens in your business inside your business. We regularly work with our customers to make sure these capabilities like these are integrated into the platform as soon as new vulnerabilities are disclosed. Armis can now:
This is the kind of real-time visibility – and mitigation – Armis brings. We deliver the ability to see and take action in a world of connected devices. Devices that sometimes have unexpected vulnerabilities.
Sign up to receive the latest news