Text Exploit Crashes OS X 10.8 and iOS 6 Apps

An exploit that causes both Macs and iOS devices to crash was discovered yesterday, reports 9to5Mac. A specific sequence of Arabic characters causes an error that will crash any application that uses the WebKit engine in either Mountain Lion (OS X 10.8) or iOS 6.

When sent via text message, iMessage, Messages, or typed in Safari, the sequence of characters will cause apps to crash.

dosexploit
This bug does not work on any other operating systems and does not allow anyone else to access your computer remotely because of it, but being a recipient (or even sender) of these characters may make your Messages app unusable, cause Safari/Chrome to crash, or not allow for scanning of SSIDs (if the string is broadcasting as a Wifi network name).
Apple has fixed the exploit in both iOS 7 and Mavericks (OS X 10.9), which means people running those operating systems are not vulnerable. All other users can be affected by the issue, which has apparently existed for more than six months.

Top Rated Comments

(View all)

15 months ago

Can you paste the text in here for us to see.

:D:D


If you even see a screenshot, you will die in seven days :eek:
Rating: 6 Votes
15 months ago
Can you paste the text in here for us to see.

:D:D
Rating: 6 Votes
15 months ago
This seems like a bug then an exploit? If you could then access a users computer or phone then it would be an exploit?
Rating: 5 Votes
15 months ago
How do people even find stuff like this???
Rating: 5 Votes
15 months ago
FWIW, Firefox does not crash - they must be using their own text engine. Safari and Chrome do.

My bigger question is, why is this not a front-page story, while a story about (what is basically an ad for) SimCity is?
Rating: 5 Votes
15 months ago

If you even see a screenshot, you will die in seven days :eek:


And all of your Macs will turn into Dells.
Rating: 3 Votes
15 months ago
A bug yes, but a big one. How long to some sicko with a spambot sends out millions of emails containing it. Perhaps Samsung or Microsoft will include it on there web pages.

A large percent of mac, and the majority of iOS users won't know what hit them!
Rating: 3 Votes
15 months ago
/buys roll of foil

/makes foil hat

/logs into MR to make post


Apple will not fix this vulnerability because they want to increase the adoption rate of Mavericks and iOS7

/wraps iPad in foil
Rating: 3 Votes
15 months ago

How do people even find stuff like this???


The text was published on Slashdot in Unicode format. It is a strange mixture of arabic characters, followed by special characters that join other characters together. I suppose 90% of the people on MacRumors wouldn't be able to figure out how to enter this into a text editor. Absolutely nobody would ever in a million years type this text.

I would think access to the source code, analysing the code, finding a bug, and figuring out how to turn that bug into a crash. I _have_ seen code where an experienced developer sees with one look that the code is dodgy - good code has obviously no problems, bad code has no obvious problems. And once you find that, it's easy to find a way to crash the code.
Rating: 2 Votes
15 months ago
Macs aren't popular on Middle East or what?
Rating: 1 Votes

[ Read All Comments ]