Beware! A new bug can crash iOS and macOS with a single text message  - text bomb link - Beware! A new bug can crash iOS and macOS with a single text message

Be careful what you click on.

Abraham Masri, a Twitter user with the rather wonderful handle of @cheesecakeufo, has shared publicly a malicious link that is capable of crashing and when received through Apple’s Messages app.

The link, which I’m only going to reproduce here as an image, points to a GitHub page.

Chaios tweet  - chaios - Beware! A new bug can crash iOS and macOS with a single text message

Clicking on the link can cause your Messages application to on iOS and Mac devices, and you may find other peculiar behaviour occurs such as being returned to your lock screen.

It turns out that there’s some pretty funky-looking code on that webpage.

Webpage code  - webpage code - Beware! A new bug can crash iOS and macOS with a single text message

Something about the code gives your Apple device a brainstorm. Ashamed about the mess it gets itself in, Messages decides the least embarrassing thing to do is to crash.

Nasty. But, thankfully, more of a nuisance than something that will lead to data being stolen from your computer or a malicious hacker being able to access your files.

Readers with long memories will recall that Apple users have been bedevilled by bomb vulnerabilities like this in the past.

For instance, in 2013 it was found that Macs and iPhones could be crashed by a simple string of Arabic characters, and in 2015 an attack dubbed “Effective Power” saw a sequence of characters allow mischief-makers to remotely reboot iPhones.

Don’t be surprised if Apple rolls out a security update in the near future to fix this latest example of a text bomb. And please please don’t be tempted to try the text bomb attack out on anyone else – you’re not being funny, you’re just being a jerk.

- aa9ea0686c5d1aa9086d4b12c3aa05f2 s 80 d mm r g - Beware! A new bug can crash iOS and macOS with a single text message

About the author, Graham Cluley

Graham Cluley is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s when he wrote the first ever version of Dr Solomon’s Anti-Virus Toolkit for Windows. Now an independent security analyst, he regularly makes media appearances and gives presentations on the topic of computer security and online privacy.

Follow him on Twitter at @gcluley, Google Plus, Facebook, or drop him an email.

Follow @gcluley





Source link

LEAVE A REPLY

Please enter your comment!
Please enter your name here