Apple Disables Watch Walkie Talkie App Due to Security Flaw That Let You Eavesdrop on iPhones

We may earn a commission from links on this page.
Image for article titled Apple Disables Watch Walkie Talkie App Due to Security Flaw That Let You Eavesdrop on iPhones
Screenshot: Apple

Due to an unspecified security vulnerability, Apple has decided to disable the Walkie Talkie app as it could potentially allow a person to eavesdrop on another’s iPhone.

The Walkie Talkie app was introduced in WatchOS 5 and lets you voice chat directly with other Apple Watch users via your wrist. News of the bug was first reported by TechCrunch and purportedly discovered via Apple’s bug reporting portal. In a statement given to TechCrunch, Apple said there have been no reports of the vulnerability being used against actual customers, and that “specific conditions and sequences of events are required to exploit it.”

To deal with the issue, Apple decided the best course of action was to disable the app entirely until a fix can be rolled out. Gizmodo verified that while the Walkie Talkie app remains on the Apple Watch, attempts to chat with friends or invite friends to chat are currently not working. While a ‘quick fix’ is currently in the works, according to Apple, there’s no timeline on when the app will be fully functional again.


On the bright side, it seems like Apple has learned from its mistakes. In January, it fumbled handling a serious vulnerability that similarly let users eavesdrop on people they called using the Group FaceTime feature. At the time, Apple caught some flack for failing to notify users of the risk, as well as not taking a mother and teen seriously when they tried reporting it. (Happy ending, though: They eventually got compensated for discovering the bug.)


The Walkie Talkie security flaw comes right on the heels of a serious vulnerability that allowed teleconferencing app Zoom to hijack Mac computers. To be fair, that’s not really Apple’s fault, as Zoom was guilty of installing what a security researcher described as insecure local web servers on Macs to bypass an additional Apple security feature. For its part, yesterday Apple silently released an update for Mac users to remove the hidden server Zoom installed on Macs.