The flaw resided in the fact that anybody with access to the computer on which FaceTime was installed could change the password to the related Apple ID without knowing the current password. When launched, FaceTime automatically logs you into the associated account; from there, going to the app's Preferences pane, clicking on your account, and then clicking View Account would allow you to enter a new password and confirm it without ever having to enter the current password.
While the FaceTime application itself has not been updated, Apple has blocked access to that account information—currently, clicking on the View Account link will take you to an empty page before bouncing you back to the previous page.
Of course, this is hardly a permanent fix for the security hole, since presumably people will eventually want to access their account details from inside the app, but it should at least block any nefarious pranksters or snoopers in your home or your office for the time being.
This story, "Apple temporarily fixes FaceTime security vulnerability" was originally published by Macworld.