ios7 safari iconA new iOS vulnerability was discovered by a security researcher over the weekend, causing affected iPhones and iPads to crash and restart when following a link to an HTML page hosting specially crafted CSS code.

The vulnerability hits the WebKit rendering engine used in Safari by applying a CSS effect -- "backdrop-filter" -- that requires enough heavy graphics processing to cause iOS to crash completely.

Software engineer and security researcher Sabri Haddouche, who works for encrypted messaging app Wire, discovered the vulnerability and shared videos of its effects on Twitter. Haddouche also discussed his findings with ZDNet:

"The attack uses a weakness in the -webkit-backdrop-filter CSS property, which uses 3D acceleration to process elements behind them," Haddouche told ZDNet in an interview.

"By using nested divs with that property, we can quickly consume all graphic resources and freeze or kernel panic the OS."

Apple has been notified of the vulnerability, and Haddouche confirmed that the company is actively investigating the issue. The researcher also notes that the CSS code in its current form will freeze Safari on macOS "for a minute," and then slow it down, but the Mac won't crash. However, a modified version with Javascript could end with the same outcome as the iOS version, crashing the Mac computer that it's on.

Haddouche didn't publish the modified macOS vulnerability because once the computer reboots, Safari persists and the browser is automatically launched again with the same result, resulting in a cycle of reboots. The researcher says that he discovered the vulnerabilities during research for denial of service bugs on different web browsers.

Related Forum: iOS 11

Top Rated Comments

H2SO4 Avatar
51 months ago
Unfortunately, he gives enough details for people to try exploiting the bug themselves.
It needs to be done. That’s how you keep big companies from brushing things under the carpet.
There are plenty of exploits Apple and others have ignored and continue to ignore. A consumer backlash is what keeps them in check.
Score: 10 Votes (Like | Disagree)
PBG4 Dude Avatar
51 months ago
Backdrop-filter is a CSS property that allows you to create for example the background blur effect you know from iOS / macOS. You know, there is a window and the windows behind that window are blurred. It uses a lot of GPU. If you create a lot of elements with this property, Safari starts freezing. But it's not security bug. If your website causes this kind of problem, people won't be visiting it and you are the only one who has some kind of "damage" because of that. I think you can freeze browser using JavaScript, if you run a badly written function. But why would you do that?
Because, a crash is the starting point of an exploit. If you can get it to run some arbitrary code right at or after the point of crash, maybe you can make the system do something it normally wouldn’t, or shouldn’t do.
Score: 5 Votes (Like | Disagree)
Markoth Avatar
51 months ago
It needs to be done. That’s how you keep big companies from brushing things under the carpet.
There are plenty of exploits Apple and others have ignored and continue to ignore. A consumer backlash is what keeps them in check.
Actually, this is highly improper. Generally-speaking, you inform companies a good bit prior to going live with the info, so that they have time to patch it first. If you care about those affected by this, it's the only right thing to do. This obviously hasn't been patched yet, so now millions out there are vulnerable, and anyone with enough experience can exploit it.
Score: 3 Votes (Like | Disagree)
69Mustang Avatar
51 months ago
Actually, this is highly improper. Generally-speaking, you inform companies a good bit prior to going live with the info, so that they have time to patch it first. If you care about those affected by this, it's the only right thing to do. This obviously hasn't been patched yet, so now millions out there are vulnerable, and anyone with enough experience can exploit it.
This is more a nuisance bug, like the Telugu character. It's not a security bug. What exactly are millions vulnerable to, annoyance?
Score: 2 Votes (Like | Disagree)
MacSince1985 Avatar
51 months ago
Unfortunately, he gives enough details for people to try exploiting the bug themselves.
Score: 2 Votes (Like | Disagree)
gaximus Avatar
51 months ago
Because, a crash is the starting point of an exploit. If you can get it to run some arbitrary code right at or after the point of crash, maybe you can make the system do something it normally wouldn’t, or shouldn’t do.
No its not. "Getting it to run some arbitrary code", is the starting point of an exploit. in fact the crash would stop any kind of exploit because the system is down, as in can't run anymore code.
Score: 2 Votes (Like | Disagree)

Popular Stories

iPhone 14 Pro Lineup Feature Purple

Apple Planning to Hold iPhone 14 Event on September 7

Wednesday August 17, 2022 9:51 am PDT by
Apple is aiming to hold its first fall event on Wednesday, September 7, reports Bloomberg's Mark Gurman. The event will focus on the iPhone 14 models and the Apple Watch Series 8. The standard iPhone 14 models are expected to get few changes, but the iPhone 14 Pro models will include updated camera technology, the removal of the notch in favor of a pill-shaped and hole-punch cutout, an A16...
iOS 15

Apple Releases iOS 15.6.1 and iPadOS 15.6.1 With Bug Fixes

Wednesday August 17, 2022 9:50 am PDT by
Apple today released iOS and iPadOS 15.6.1, minor updates to the iOS and iPadOS 15 operating systems initially released in September 2021. iOS 15.6.1 and iPadOS 15.6.1 come a month after Apple released iOS 15.6 and iPadOS 15.6 with new Live Sports features and bug fixes. The iOS 15.6.1 and iPadOS 15.6.1 updates can be downloaded for free and the software is available on all eligible devices...
10th Generation iPad Render

10th-Generation iPad With Major Design Changes Reportedly in Production Ahead of September Launch

Monday August 15, 2022 8:02 pm PDT by
Apple's rumored 10th-generation iPad is currently in production and will feature "major" design changes, according to a report from Taiwanese website DigiTimes. A mockup of the potential 10th-generation iPad design by Renders By Shailesh The report did not provide any specific details about the 10th-generation iPad's new design, but rumors suggest the device will feature a larger 10.5-inch...
airpods pro black background

AirPods Pro 2: Five New Features and Improvements to Expect

Sunday August 14, 2022 3:28 pm PDT by
Apple's second-generation AirPods Pro are finally nearing launch, with a release expected later this year. If you are considering upgrading to the new AirPods Pro once they are released, keep reading for a list of five new features to expect. In addition to all-new features, the second-generation AirPods Pro will likely adopt some features added to the standard AirPods last year. H2 Chip ...
Apple Watch Series 3 v 8 1

Apple Watch Series 3 vs. Apple Watch Series 8: 20 Major New Features and Changes for Customers Upgrading

Tuesday August 16, 2022 6:52 am PDT by
It's crazy to think about, but next month will mark five years since Apple announced the Apple Watch Series 3. Despite being a severely antiquated smartwatch, the Series 3 has remained at the bottom of Apple's lineup for $199. Suppose you're still holding on to your Apple Watch Series 3. In that case, this article will list all the major new features and changes you'll get if you decide to...
ios 16 lock screen feature2

Apple Seeds Sixth Betas of iOS 16 and iPadOS 16 to Developers [Update: Public Beta Available]

Monday August 15, 2022 10:04 am PDT by
Apple today seeded the sixth betas of upcoming iOS 16 and iPadOS 16 updates to developers for testing purposes, with the updates coming a week after Apple released the fifth developer betas. Registered developers can download the iOS and iPadOS 16 profiles from the Apple Developer Center, and once installed, the betas will be available over the air. iOS 16 introduces a revamped Lock...