Categories

Abraham Masri

This link will crash your iPhone or Mac

Security researcher Abraham Masri has released details about a vulnerability in Messages for iOS. The issue causes the app to crash when a specific link is posted in a chat thread, reported 9to5Mac[1]. Dubbed chaiOS, additional testing showed the bug also affects Safari and Chrome on macOS, with the link either causing the browsers to crash or display the spinning beach ball.

Masri’s proof of concept attack appears to exploit a bug in OpenGraph page titles by creating a long tag. Until Apple patches the issue, users will have to delete any conversation in which they receive the link.

? Effective Power is back, baby! chaiOS bug:
Text the link below, it will freeze the recipient’s device, and possibly restart it. https://t.co/Ln93XN51Kq[2]

?

Do not use it for bad stuff.

thanks to @aaronp613[3] @garnerlogan65[4] @lepidusdev[5] @brensalsa[6] for testing!

— Abraham Masri (@cheesecakeufo) January 16, 2018[7]

This link will crash your iPhone or Mac

Now read: Crash Skype with this simple message[8]

References

  1. ^ 9to5Mac (9to5mac.com)
  2. ^ https://t.co/Ln93XN51Kq (t.co)
  3. ^ @aaronp613 (twitter.com)
  4. ^ @garnerlogan65 (twitter.com)
  5. ^ @lepidusdev (twitter.com)
  6. ^ @brensalsa (twitter.com)
  7. ^ January 16, 2018 (twitter.com)
  8. ^ Crash Skype with this simple message (mybroadband.co.za)