Apple has acknowledged a flaw in its FaceTime software that allowed for brief eavesdropping – even if the recipient did not pick up.
In some cases the target iPhone could send video without the receiver’s knowledge.
The company said it had developed a fix and an update would be rolled out this week.
In the meantime, Apple’s status page shows it has disabled the ability for users to make group calls on FaceTime.
The flaw, first revealed by the 9to5Mac blog, appears to occur when both users are running version 12.1 of Apple’s mobile operating system iOS, or newer. It also affects Mac users when they are called from an iPhone.
The technique involves using the software’s group chat function, apparently confusing the software into activating the target’s microphone, even if the call has not been accepted.
The eavesdropping ends when the call is cut after too many rings.
‘National Privacy Day’
In addition to audio, 9to5Mac reported that pressing buttons to block the call or turn off the device would result in video being sent to the call-maker, without the recipient’s knowledge.
In a statement, Apple told journalists: “We’re aware of this issue and we have identified a fix that will be released in a software update later this week.”
On social media, concerned users – including Twitter chief executive Jack Dorsey – suggested disabling the FaceTime function altogether, which can be done via the device’s settings menu.
Discovery of the flaw coincided with National Privacy Day in the US, a day heralded by Apple boss Tim Cook.
“On this #DataPrivacyDay let us all insist on action and reform for vital privacy protections,” he wrote on Twitter.
“The dangers are real and the consequences are too important.”
New York governor Andrew Cuomo advised his city’s residents “to disable their FaceTime app until a fix is made available”,
He said: “The FaceTime bug is an egregious breach of privacy that puts New Yorkers at risk.