A malicious video link that when played in Safari causes iOS devices to crash has been discovered this morning.

Playing the MP4 video in question through Safari appears to have no effect at first, but gradually the operating system slows down before it freezes completely, after which only a hard reset will bring the device back to life. YouTube channel EverythingApplePro has posted a demonstration (i.e. not the original video) showing the exploit in action.

iOS safari video crash
The bug appears to affect iOS builds as far back as iOS 5, while iPhones running iOS 10.2 beta 3 are said to power off and show the spinning wheel indefinitely.

If you fall victim to the prank, you'll need to hard reboot to get your device working again. According to a Reddit post by user Riddle, currently the top level domains hosting the video appear to be vk.com and testtrial.site90.net, but bear in mind that the video could be hosted on other sites quite easily and that URL shorteners can mask the actual address you're being linked to.

This kind of prank isn't new. Three years ago, a text exploit made the rounds that caused both Mac and iOS devices to crash.

(Via 9to5Mac.)

Top Rated Comments

Scubaman Avatar
Scubaman
118 months ago
On my iPad 2 running iOS 10 this seems to be a feature. Not a problem...
You must have a pretty cool iPad2 if it's running ios10 as my iPad3 stopped being capable of upgrade at ios9!!
Score: 11 Votes (Like | Disagree)
keysofanxiety Avatar
keysofanxiety
118 months ago
soo many bad news for apple..
It's just a software bug and it'll be patched accordingly. Nothing new either.

The bug appears to affect iOS builds as far back as iOS 5
Score: 5 Votes (Like | Disagree)
dugbug Avatar
dugbug
118 months ago
Why is this vulnerability called a prank? Sounds like a remote execution bug like Stage fright on Android.
Where do you see remote execution of code
Score: 5 Votes (Like | Disagree)
C DM Avatar
C DM
118 months ago
Doesn't "hard reset" mean erase the device to factory settings? I think this just requires a "hard restart".
The terminology has been essentially corrupted through misuse by more and more over period of time. Kind of like "literally" has even been adjusted to mean the opposite of itself as well for similar reasons.
Score: 4 Votes (Like | Disagree)
joelypolly Avatar
joelypolly
118 months ago
Why is this vulnerability called a prank? Sounds like a remote execution bug like Stage fright on Android.
probably because it isn't remote execution at this stage if it only can crash a device
Score: 4 Votes (Like | Disagree)
H.Finch Avatar
H.Finch
118 months ago
On my iPad 2 running iOS 10 this seems to be a feature. Not a problem...
Score: 3 Votes (Like | Disagree)
Read All Comments