A software developer has dicovered a shocking new security flaw, "text bomb", which can reportedly crash any iPhone just by a text message. Described as the chaiOS bug, Apple now tells Buzzfeed that a fix is expected next week.
Masri link takes you to a site that contains hundreds of thousands of unnecessary characters within its metadata.
chaiOS was first uncovered by Abraham Masri, who tweeted about the bug. Specifically, for iOS devices, sending the link will cause the recipient's messages app to freeze, crash, and delete messages. "My intention is not to do bad things", said Masri.
Masri tweeted about the bug on Tuesday.
The device will freeze for a few minutes, after the link is sent, then most of the time, it resprings.More news: No, President Trump isn't crazy, he's just racist
Thanks to the magic of Unicode and a maliciously crafted URL, the text rendering engine of an iOS device can easily be overloaded, crashing everything in one fell swoop. He added: "Nasty. But, thankfully, more of a nuisance than something that will lead to data being stolen from your computer or a malicious hacker being able to access your files".
Cluley also said not to be surprised if a security update is rolled out by Apple in the near future to fix this issue.
We tested the bug and experienced pervasive issues that required removing the message thread and in some cases digging in to macOS and removing the whole Messages database and starting over.
Like other Apple exploits in the past, the bug looks like a simple line of text or a link. The name would indicate that it only affects iPhones and iPads although what it really attacks is the Messages app, regardless of whether it is running on iOS or macOS.