Malicious Link Texted to Mac and iOS Devices Can Cause Freezes and Resprings [Updated]

Tuesday January 16, 2018 4:16 PM PST by Juli Clover

A link that exploits a bug in iOS and Mac devices was shared on Twitter this afternoon, and if you receive this link through the Messages app, your iPhone or iPad can freeze up or respring, and the Messages app can become unusable.

The link, which goes to a Github page, breaks the Messages app and causes problems on both iOS devices and Macs. Simply receiving the link results in issues, likely due to the Messages feature that lets you preview web links. We tested the bad link and while we saw few resprings, it did reliably cause the Messages app to freeze entirely.


The only solution appears to be to quit out of the Messages app and then delete the entire offending conversation to restore full functionality.

These kinds of Message-based bugs have surfaced several times in the past, with text strings, videos, and more crashing the Messages app in the past. Such bugs are not serious, but they can be highly irritating when abused as a prank.

It's best not to send the link to friends, because it can cause the sending device to freeze up and crash as well. If your device is affected, quit the Messages app on Mac or iOS, open it back up, and immediately delete the entire message thread.

On Mac, you'll need to swipe right on the trackpad or right click on to the person's name to delete the conversation, while on iOS, you'll need to swipe to the right on a person's name to bring up the delete option.


Blocking the domain using Parental Restrictions may prevent the link from affecting your iOS devices. You can turn on Restrictions on iPhone or iPad by going to Settings --> General --> Restrictions --> Websites --> Limit Adult Content and adding "GitHub.io" to the "Never Allow" list.

Update: Apple appears to have addressed the bug in iOS 11.2.5 beta 6, and Github has removed the offending webpage.

Top Rated Comments

(View all)
Avatar
29 months ago
IMHO, Apple should offer an option to specifically turn off web link previews, regardless of this bug.
Score: 23 Votes (Like | Disagree)
Avatar
29 months ago
Does anyone remember when stuff like this happened to Microsoft and NOT Apple? My how times have changed.
Score: 17 Votes (Like | Disagree)
Avatar
29 months ago

M$ still sucks, and Apple is still better.


Remember what Steve said "We have to let go of this notion that for Apple to win Microsoft has to lose. In order for Apple to win Apple needs to do a really good job."
Score: 15 Votes (Like | Disagree)
Avatar
29 months ago
O̖̟̝̦h ̱l͉̰͓ooḳ,̩̗̱ ̩͓̘͔t͕͚h̬̰̗̘̣̙͔e̝̮̯̟͍ ̗̖͔̣k̗̩̩̳͓̜͔i͚d͎̯̭s̭̙̣ ̟̫̳a̞ṛ̩̮̪̣͚e͚̰̺͔̭ ̟̜̥̖͇͓̝u̱̠s̬̯̥̳̲̠in̪̲g̜̣̝̦ ͓t̬̞hḙ̳̣ ͇͙̗͈̺̮͓g̠̱̣̭̦͕͓ḽḭ̞̘t̩c̤͎h̺̬͕̜̘̲y̞͉̘ t͔̥̰e͙̭͇̼̱̹x̙̠t̜͇̝̹ͅͅ ͔̞̠̱ge͚n̗e͍̦̝̺r̦͓a͇̳̣t͖̦̱͔̤̙o͓̭̗̹̤̜̼r͔͙̗̬̞̼͚:rolleyes:
Score: 14 Votes (Like | Disagree)
Avatar
29 months ago
So does anyone have a clue what this page is actually doing? I tried loading it in Firefox and the browser got really slow (displaying assorted cruft at the bottom of the browser window) until I closed the tab.

Update

After viewing the page's source code, it's just ugly nonsense exploiting a bug in the browser.

The page's header has a meta tag (og.title (http://ogp.me/)) where the content is several MB of text, consisting mostly of Unicode cascading accent marks. Following by a "mailto" URL containing similar junk. The content causes most software (capable of displaying Unicode, of course) to slow down a lot.

Pretty juvenile. But iOS's Mobile Safari and Messages shouldn't crash in the face of this. This may indicate a more serious bug somewhere in Apple's Unicode rendering engine.

IMO, although it probably violates the standard, I think software should put a limit on the number of cascading accents one may attach to a single character. If there were a limit of 100 (for example), it would probably never interfere with legitimate text and text designed to abuse the feature would simply fail to render. The only people offended would be those trying to write browser-crashing text and a few uber-pedantic Unicode geeks.
Score: 10 Votes (Like | Disagree)
Avatar
29 months ago
Apple is lost. This is the effective power bug all over again.
Score: 10 Votes (Like | Disagree)

Top Stories

Apple Releases iOS and iPadOS 13.4 With New Mail Toolbar, iCloud Folder Sharing, Trackpad Support for iPad and More

Tuesday March 24, 2020 9:56 am PDT by Juli Clover
Apple today released iOS and iPadOS 13.4, the latest major updates to the iOS 13 operating system that was released in September. iOS and iPadOS 13.4 come two months after the release of iOS and iPadOS 13.3.1 with Screen Time Communication Limits. The iOS and ‌iPadOS‌ 13.4 updates are available on all eligible devices over-the-air in the Settings app. To access the updates, go to...

Apple Releases macOS Catalina 10.15.4 With Screen Time Communication Limits and Real-Time Apple Music Lyrics

Tuesday March 24, 2020 10:21 am PDT by Juli Clover
Apple today released macOS Catalina 10.15.4, the fourth update to the macOS Catalina operating system that was released in October. macOS Catalina 10.15.4 comes a couple of months after the release of macOS Catalina 10.15.3. macOS Catalina 10.15.4 can be downloaded from the Mac App Store for free using the Update feature in the System Preferences app. The macOS Catalina 10.15.4 update...

Hands-On With Apple's New Smart Keyboard Folio for the 2020 iPad Pro Models

Tuesday March 24, 2020 12:38 pm PDT by Juli Clover
Apple last week introduced new 11 and 12.9-inch iPad Pro models, which are set to arrive in the hands of customers starting this week. Apple introduced a nifty new Magic Keyboard with trackpad alongside the new iPad Pro models that's coming in May, but it also debuted a new Smart Keyboard Folio, which is available now. We picked up the Smart Keyboard Folio for the designed for the 2020 iPad...

Apple Helps Source Over 10 Million N95 Masks for Healthcare Providers in the U.S.

Wednesday March 25, 2020 10:25 am PDT by Juli Clover
Apple over the weekend announced plans to donate millions of N95 masks to hospitals in the United States and Europe, and according to Apple CEO Tim Cook, Apple has been able to source more than 10 million N95 masks in the U.S. and millions more in Europe. Apple CEO Tim Cook said on Saturday that Apple was aiming to donate supplies to healthcare providers fighting COVID-19, and clarified...

Apple Considering Delaying iPhone 12 Launch 'by Months'

Wednesday March 25, 2020 12:51 pm PDT by Juli Clover
Apple is preparing to delay the launch of the 2020 iPhones expected to be equipped with 5G technology, according to sources with knowledge of Apple's plans that spoke to Japanese news site Nikkei. Apple has reportedly held internal discussions about the possibility of delaying the launch "by months" over fears of how well iPhones would sell in the current situation, and supply chain sources...

2020 iPad Pro Unboxing Videos and First Impressions

Tuesday March 24, 2020 5:34 am PDT by Joe Rossignol
Apple last week introduced new iPad Pro models with an similar performing A12Z Bionic chip, an Ultra Wide camera for 0.5x zoom, and a LiDAR Scanner for enhanced augmented reality. The new iPad Pro models will begin arriving to customers and go on sale at select stores starting tomorrow, and ahead of time, the first unboxing videos have surfaced. The new iPad Pro models will be compatible with A...

Hands-On With the New 2020 12.9-Inch iPad Pro

Wednesday March 25, 2020 2:10 pm PDT by Juli Clover
Apple last week announced new 11 and 12.9-inch iPad Pro models, and as of today, the new iPads are arriving to customers. We picked up one of the new 12.9-inch models and checked it out to see just what's new and whether it's worth buying. Subscribe to the MacRumors YouTube channel for more videos. When it comes to design, the new iPad Pro models are identical to the 2018 iPad Pro models, but ...

Mobile Networks in Multiple Countries Display 'Stay Home' Message When Users Connect to Cellular Instead of WiFi

Tuesday March 24, 2020 3:46 pm PDT by Juli Clover
iPhone users in several countries who disconnect from WiFi on their devices will see a "Stay Home" message at the top of the Control Center where cellular network information is displayed. Image via Matt Navarra According to reports on Twitter, the status bar messages are showing up in countries that include Germany, Belgium, United Arab Emirates, Peru, Turkey, India, Luxembourg, Romania,...

Apple Releases tvOS 13.4 for Fourth and Fifth-Generation Apple TV Models

Tuesday March 24, 2020 9:53 am PDT by Juli Clover
Apple today released tvOS 13.4, the third major update to the tvOS operating system that runs on the fourth and fifth-generation Apple TV models. tvOS 13.4 comes a couple of months after the release of tvOS 13.3.1. tvOS 13.4, a free update, can be downloaded over the air through the Settings app on the Apple TV by going to System > Software Update. Apple TV owners who have automatic software ...

Benchmarks Suggest New iPad Pro's A12Z Chip is Nearly Identical to A12X in 2018 iPad Pro

Monday March 23, 2020 7:18 pm PDT by Juli Clover
One of the new 2020 iPad Pro models equipped with an A12Z chip arrived early to a Reddit user, who did some benchmarking tests to see how it performs. In a Geekbench 5 test, the 11-inch 2020 iPad Pro earned a single-core score of 1114 and a multi-core score of 4654, which is close to the Geekbench scores of the 11-inch iPad Pro from 2018. The 11-inch iPad Pro has an aggregate single-core G...