Apple's FaceTime For Mac Hit By Password Breach

Just one day after its introduction, a security flaw has been uncovered in Apple's FaceTime video chat tool.

The application reportedly fails to properly conceal account information relating to the Apple ID service, putting users at risk for account theft in certain situations.

Apple news site is reporting that when the FaceTime application is active, user account details including password and recovery questions can be accessed without the requirement of entering authentication information.

Apple introduced a beta version of FaceTime earlier this week for MacOS Leopard users. The application is expected to be included as part of the upcoming OS X Lion release.

The report suggests that a third party could potentially access a machine and take over the Apple ID account of the original user. Additionally, auto-save components in FaceTime will log password information, allowing a third party user to launch the application without entering a password.

While the flaw requires a third party to have physical access to the machine, the issue could pose a threat to those who use a public system or share their machines with others.

print this article

Return to security news headlines
View Security News Archive

Share with: