iPhone Text Message Bug Can Crash Apple Watch, iPad and Mac too

8 years, 10 months ago - May 28, 2015
Apple Watch

Apple Watch

Bug in Apple’s Messages that allows anyone to crash someone’s iPhone with a text can also affect an Apple Watch, iPad or Mac

The bug that causes iPhones to crash when they receive a boobytrapped text message also affects the Apple Watch, iPads and Macs.

The crash is caused by a bug within a core system common to all of Apple’s devices that handles text. When presented with non-Latin characters in a specific sequence – including those from Arabic, Chinese and Marathi – the CoreText system chokes, causing it to fail and bring the entire operating system to a halt.

Apple told the Guardian that it is aware of the bug and will issue a software update to fix it. How long that update will take is unknown: 24 hours after the bug was revealed, it has not been fixed.

The bug, which was originally identified causing crashes on iPhones, has now been shown to also affect the Apple Watch, causing it to crash when attempting to reply to the offending message via voice using Siri.

The text message has also caused iPads to crash, and reportedly can affect Mac laptops and desktops too.

“As the issue also affects OS X applications, a malicious party could set the triggering text as a server message of the day or welcome message, causing a user’s terminal to crash when authenticating to network services,” Mathew Hickey, principal security consultant at MDSec told Forbes.

While most people are using the message as a prank to crash friends’ iPhones, experts have not ruled out that the text string could be used for more malicious attacks, with potentially damaging consequences.

“Programming errors in Unicode decoding and rendering will produce more errors like this, some of which may be exploitable to access elevated privilege levels on devices,” said Ken Simpson chief executive of spam filtering and email security company MailChannels. “Such a vulnerability/exploit is not yet in the wild, but if developed this would represent an immediate and severe threat to all iOS device users worldwide.”

Those wishing to protect themselves from these attacks can turn off the notification system on iOS devices and stop SMS or iMessages being delivered to the Apple Watch.

Mac users are less likely to affected by the bug – sending the string via iMessages did not trigger a crash in the Guardian’s testing – but those using the Terminal app to access resources across the internet should be aware that it could be affected if exposed to the text string.

Text by Guardian

We also recommend

Tags Cloud
2010accidentsadvertisingAfrAsiaafricaagalegaagroAir Franceair mauritiusAirlinesairportairway coffeeAlvaro SobrinhoamazonAmeenah Gurib-FakimAMLandroidApollo Bramwellappleappointmentsappsarrestasiaauditaudit reportaustraliaaviationawardsBABagatelleBAIBangladeshbankbanksbarclaysbeachbeachesBeau Bassin-Rose HillbetamaxBOIboko haramBollywoodBOMbombingbpmlBPOBramer BankbrazilbrexitbudgetBusinessCanadacanecareercareer tipscasinoCCIDCCMCEBcementChagosCHCchinaCIELcigarettesconferenceConfinementCongoconstructioncontestCoronaviruscorruptionCourtCourtscouvre-feuCOVID-19CPBCPEcreativitycrisiscruise shipsCSOCT PowerCultureCurepipecustomerscustomsCWAcyclonedamDawood RawatDBMdeficitdenguedevelopmentdoctorsDomaine les PaillesDPPdrug traffickingdrugsDTAADuty FreeearthquakeebolaecoécoleseconomyEducationEgyptelectionselectoral reformelectricityEmiratesEmtelenergyENLentrepreneurshipEUEuropeeventsexamexamsexpoexportfacebookfairfarmersfeeFIFA World CupfinancefinancesFirefishfishingFlacqFlic-en-FlacFloodsfoodFootballforecastforeign workersFrancefraudfruitsFSCfuelfunnyGAARgamblinggamesgasgazaGermanygooglegovernmentGRAgreengreen energyhackershajjhawkershealthhealthcareHeritage Cityhistoryholidayshorse racingHospitalhotelhotel businesshotelshow toHRHRDCHSBCHSCIBLICACICTICTAID cardillegal fishingIMFimportindiaIndian OceanIndonesiainflationinfrastructureinnovationsinsuranceinternetInterviewinterview tipsinvestmentinvestmentsiosiPadiphoneiraniraqIRSISISisraelITItalyjapanJin FeijobjobsjournalismKenyaKPMGlandlawlawslayoffsleadershipLepeploanslocal governmentLockdownlotteryLRTLufthansaMadagascarmalaysiamalaysia airlinesmanagementmanagement tipsmanufacturingmarketmarketingmarketsMauBankMauritiansmauritiusMBCMCBMCCImeccaMedical CouncilmedicamentsmedicineMedPointmeetingMEFMESMetro ExpressMEXAMicrosoftMIDMIEmigrationminimum salaryminimum wageMITDmlMMMmoneymoney launderingmotivationmoviesMozambiqueMPAMPCMPCBMRAMSCMSMMTMTCMTPAMusicMV BenitaNandanee SoornackNarendra ModinatureNavin RamgoolamNavind KistnahNCBnceNDUnetworkingNew Mauritius HotelsNHDCNigeriaNobel Prizenorth koreaNTCNWCCofficialsoffshoreoilOlympic GamesOmnicaneorangeOUMPakistanpalestineparliamentPaul BérengerPhilippinesPhoenix Beveragespicture of the daypiracyplagePMPMOpmsdPNQpolicepoliticsportPort LouisPort-LouispostPravind JugnauthPRBpricepricesproblemprostitutionprotestspsacPSCpsychologyPTRpublic servicequatre-bornesrainsRakesh Gooljauryratingsreal estatereformsrepo rateRESrestaurantsresultresultsReunionriceroadsRoches-Noires caseRodriguesRogersRose-HillRoshi BhadainRussiaSAJsalariessalarysalessamsungsaudi arabiasbmSCscamscandalscholarshipscholarshipsSchoolschoolssciencesecuritySeychellessharksshootingshoppingshopping mallSICsicomsingaporeSITskillssmart citysmartphonesSMeSMEDASobrinho casesocial mediasocial networks & messengerssolar energysouthsouth africasouth koreasportSportsstartupsstatisticsstatsSTCstrategystreet vendorsstrikestudysuccesssugarSun Tan caseSunkai casesyriaTAtabletsTanzaniataxtax heaventaxesteaTECtechnologytelecomterrorismtextilethailandthefttime managementtipstourismtradingtrainingstransporttrendstunaTurfTurkeyTVtyphoonukukraineunemploymentunionsuniversityuomUSUTMvacanciesVacoas Popular Multipurpose Cooperative SocietyVacoas-Phoenixvarma casevegetablesVideo of the DayvisaVishnu LutchmeenaraidooWaterWaterparkWeatherWhitedot Casewi-fiWMAWorld BankXavier-Luc DuvalYEPzimbabwe