Malicious Link Texted to Mac and iOS Devices Can Cause Freezes and Resprings [Updated]

by

A link that exploits a bug in iOS and Mac devices was shared on Twitter this afternoon, and if you receive this link through the Messages app, your iPhone or iPad can freeze up or respring, and the Messages app can become unusable.

The link, which goes to a Github page, breaks the Messages app and causes problems on both iOS devices and Macs. Simply receiving the link results in issues, likely due to the Messages feature that lets you preview web links. We tested the bad link and while we saw few resprings, it did reliably cause the Messages app to freeze entirely.


The only solution appears to be to quit out of the Messages app and then delete the entire offending conversation to restore full functionality.

These kinds of Message-based bugs have surfaced several times in the past, with text strings, videos, and more crashing the Messages app in the past. Such bugs are not serious, but they can be highly irritating when abused as a prank.

It's best not to send the link to friends, because it can cause the sending device to freeze up and crash as well. If your device is affected, quit the Messages app on Mac or iOS, open it back up, and immediately delete the entire message thread.

On Mac, you'll need to swipe right on the trackpad or right click on to the person's name to delete the conversation, while on iOS, you'll need to swipe to the right on a person's name to bring up the delete option.


Blocking the domain using Parental Restrictions may prevent the link from affecting your iOS devices. You can turn on Restrictions on iPhone or iPad by going to Settings --> General --> Restrictions --> Websites --> Limit Adult Content and adding "GitHub.io" to the "Never Allow" list.

Update: Apple appears to have addressed the bug in iOS 11.2.5 beta 6, and Github has removed the offending webpage.

Top Rated Comments

(View all)
Avatar
35 months ago
IMHO, Apple should offer an option to specifically turn off web link previews, regardless of this bug.
Score: 23 Votes (Like | Disagree)
Avatar
35 months ago
Does anyone remember when stuff like this happened to Microsoft and NOT Apple? My how times have changed.
Score: 17 Votes (Like | Disagree)
Avatar
35 months ago

M$ still sucks, and Apple is still better.

Remember what Steve said "We have to let go of this notion that for Apple to win Microsoft has to lose. In order for Apple to win Apple needs to do a really good job."
Score: 15 Votes (Like | Disagree)
Avatar
35 months ago
O̖̟̝̦h ̱l͉̰͓ooḳ,̩̗̱ ̩͓̘͔t͕͚h̬̰̗̘̣̙͔e̝̮̯̟͍ ̗̖͔̣k̗̩̩̳͓̜͔i͚d͎̯̭s̭̙̣ ̟̫̳a̞ṛ̩̮̪̣͚e͚̰̺͔̭ ̟̜̥̖͇͓̝u̱̠s̬̯̥̳̲̠in̪̲g̜̣̝̦ ͓t̬̞hḙ̳̣ ͇͙̗͈̺̮͓g̠̱̣̭̦͕͓ḽḭ̞̘t̩c̤͎h̺̬͕̜̘̲y̞͉̘ t͔̥̰e͙̭͇̼̱̹x̙̠t̜͇̝̹ͅͅ ͔̞̠̱ge͚n̗e͍̦̝̺r̦͓a͇̳̣t͖̦̱͔̤̙o͓̭̗̹̤̜̼r͔͙̗̬̞̼͚:rolleyes:
Score: 14 Votes (Like | Disagree)
Avatar
35 months ago
So does anyone have a clue what this page is actually doing? I tried loading it in Firefox and the browser got really slow (displaying assorted cruft at the bottom of the browser window) until I closed the tab.

Update

After viewing the page's source code, it's just ugly nonsense exploiting a bug in the browser.

The page's header has a meta tag (og.title (http://ogp.me/)) where the content is several MB of text, consisting mostly of Unicode cascading accent marks. Following by a "mailto" URL containing similar junk. The content causes most software (capable of displaying Unicode, of course) to slow down a lot.

Pretty juvenile. But iOS's Mobile Safari and Messages shouldn't crash in the face of this. This may indicate a more serious bug somewhere in Apple's Unicode rendering engine.

IMO, although it probably violates the standard, I think software should put a limit on the number of cascading accents one may attach to a single character. If there were a limit of 100 (for example), it would probably never interfere with legitimate text and text designed to abuse the feature would simply fail to render. The only people offended would be those trying to write browser-crashing text and a few uber-pedantic Unicode geeks.
Score: 10 Votes (Like | Disagree)
Avatar
35 months ago
Apple is lost. This is the effective power bug all over again.
Score: 10 Votes (Like | Disagree)

Top Stories

iOS 14 Widgets Offer iPhone Users Creative Home Screen Ideas

Sunday September 20, 2020 8:43 pm PDT by
In iOS 14, Apple introduced ‌the concept of Home Screen‌ widgets, which provide information from apps at a glance. Widgets can be pinned to the Home Screen in various spots and sizes, allowing for many different layouts. Despite the relative lack of 3rd party widgets at launch, iOS users around the...

iPhone 12 Lineup Rumored to Be Named 'iPhone 12 mini,' 'iPhone 12,' 'iPhone 12 Pro,' and 'iPhone 12 Pro Max'

Monday September 21, 2020 5:24 am PDT by
Leaker known as "L0vetodream" has today shared the alleged naming for the upcoming iPhone 12 lineup on Twitter. The tweet proposes that the upcoming iPhone 12 models will be titled "iPhone 12 mini," "iPhone 12," "iPhone 12 Pro," and "iPhone 12 Pro Max." The names likely correspond to the three expected sizes of iPhone 12, with the 5.4-inch model being the iPhone 12 mini, the 6.7-inch model ...

Hands-On With the New Apple Watch Series 6 and Apple Watch SE

Friday September 18, 2020 1:19 pm PDT by
Today's the official launch date for the Apple Watch Series 6 and the Apple Watch SE, both of which Apple announced on Tuesday. We picked up a couple of the new models and thought we'd give them a quick look for MacRumors readers thinking of ordering a new watch. Apple Watch Series 6 & Apple Watch SE Hands-On! When it comes to design, both the $399 Series 6 and the $279 SE look just like...

iOS 14 Picture in Picture No Longer Working With YouTube's Mobile Website in Safari [Without Premium]

Friday September 18, 2020 12:21 pm PDT by
Apple in iOS 14 added Picture in Picture to the iPhone, a feature designed to let you watch a video in a small screen on your device while you continue to do other things on the phone. When Picture in Picture was working with YouTube The YouTube app doesn't support Picture in Picture, but up until yesterday there was a functional workaround that allowed videos from YouTube.com to be watched...

When Will the iPhone 12 Launch? Here's What We Know

Wednesday September 16, 2020 6:12 am PDT by
Yesterday's "Time Flies" Apple event saw the release of the Apple Watch Series 6, Apple Watch SE, iPad 8, and iPad Air 4, but no new iPhone models. Rumors before the event strongly alleged that it would not see the unveiling of new iPhones, with many reports pointing to an October launch. The lack of new iPhone models yesterday seems to confirm that the iPhone 12 lineup will not appear...

Here's How You Can Download iOS 14 and iPadOS 14 Around the World [It's Out]

Wednesday September 16, 2020 2:36 am PDT by
Apple's official public release of iOS 14 and iPadOS 14 dropped on Wednesday, September 16, just a day after the company released the Golden Master to third-party developers. Also set to be made available to the general public for the first time are watchOS 7 and tvOS 14. Getting Started With iOS 14 Video Click image to watch iOS 14 Getting Started While that's left a lot of developers...

AirPods Studio Rumored to Come With U1 Chip, Ultra-Wideband Said to Be Vital to Future Apple Ecosystem

Sunday September 20, 2020 6:17 am PDT by
Proven leaker known as "L0vetodream" has today shared a range of information about the ultra-wideband U1 chip in Apple's upcoming AirTags item trackers and AirPods Studio headphones. The first of a series of tweets shared today simply stated that AirPods Studio will contain an ultra-wideband U1 chip. It seems likely that the U1 chip would be used in AirPods Studio to track the location of...

Kuo: Apple to Accelerate Adoption of Mini-LED Displays in iPad and Mac Notebook Lineups

Sunday September 20, 2020 10:00 pm PDT by
Increased competition among Apple's suppliers for mini-LED display chips will accelerate the company's adoption of the advanced technology in its iPad and MacBook lineups, according to a new research note from analyst Ming-Chi Kuo seen by MacRumors. Kuo says that while Epistar had been predicted to be the exclusive supplier of mini-LED chips for Apple products in 2021, Sanan Optoelectronics...

Top Stories: Apple Event Recap, Apple Watch Series 6, Redesigned iPad Air, and More

Saturday September 19, 2020 6:00 am PDT by
This week's news was obviously dominated by Apple's media event and the launch of iOS 14, but there was a lot to digest, so check out our summary below for the high-level view of the past week. With the exception of the massively redesigned iPad Air, all of the new hardware introduced this week is starting to appear on store shelves and on customers' doorsteps, while all of the new software...

Apple Updates AirPods 2 and AirPods Pro Firmware to Version 3A283

Monday September 14, 2020 11:24 am PDT by
Apple today released new 3A283 firmware updates for the second-generation AirPods and the AirPods Pro. The second-generation AirPods are being updated from the 2D15 firmware they were previously running, while the AirPods Pros are being updated from the 2D27 firmware they had installed previously. Apple does not provide details on what's included in refreshed firmware so we don't know what's ...