Text Bug Crashes iPhones, Apple Watch, iPad and Mac

Published: May 28, 2015

Text Bug Crashes iPhones, Apple Watch, iPad and Mac, Analysis Cads and/or bounders can crash and reboot iPhones from afar by sending them specially crafted texts, thanks to a new vulnerability in iOS.

A 75-byte sequence of unicode characters triggers the glitch, and can be smuggled into text messages, causing iThings to crash if they appear in the victim’s notification screen. Texting the data to your pals will force their devices to reboot if they try to open it from the notification panel.

The string-of-death crashes applications that use Apple’s CoreText library. OS X is vulnerable, too, so sticking the killer sequence in your server’s /etc/motd file will crash Terminal when a Mac user logs in, for example.

The flaw was spotted on Tuesday by a Redditor who received the message shown on the right, which caused their smartphone to crash and reboot to recover. The attack has been replicated on other iOS devices such as Apple’s smartwatch.

The problem isn’t with the Arabic characters themselves, but in how the unicode representing them is processed by CoreText, which is a library of software routines to help apps display text on screens.

The bug causes CoreText to access memory that is invalid, which forces the operating system to kill off the currently running program: which could be your text message app, your terminal, or in the case of the notification screen, a core part of the OS.

The crash happens at the instruction at 0x0af42d in CoreText, which is 229 bytes into the

Share

_________________________________________
Please feel free to send if you have any questions regarding this post , you can contact on

Contact

Comments

Comments are closed.

Copyright ©2010-15 AP - United States America