A new bug
has been revealed for Apple iMessage
that causes the app to freeze. YouTube user vincedes3 posted
a video on his channel demonstrating how a vcf attachment sent on iPhone
running on iOS 8 to
10.2.1 makes your iMessage vulnerable to the bug. Clicking on the malicious
message, which is basically a large vcf file, will cause iMessage app to
freeze. You can dismiss iMessage from recently used apps on your iPhone, but
reopening will cause it to crash.
“When you click, iOS want to read the text, the text in the file
is very complicated for the system and cause a CPU average: the app freeze. You
close the app, want to reopen but iOS want to reload the previous message but
can’t because it’s the vcf file,” vincedes3 explains on his
site.
However, he has provided a ‘magical link’ on the site, which he
claims will make the bug go away, restoring iMessage app to normal. However, he
has warned the fix (link) doesn’t work for some iPad devices. Users will
need to open the given link on Safari browser. The link then starts to fix your
app and you receive a message in the end that says, “‘I have just save you’re
iPhone bro ;-)”
The
exploit is particularly destructive in that restarting the Messages app, or
even the iPhone, is ineffective, unless the owner looks to Vincedes3’s blog post for
a solution.
Along
with access to a copy of the vCard, Vincedes3 has thankfully detailed multiple
ways of restoring the iOS device to normal. The exploit works on the premise
that Apple’s iOS will always try to open the most recently opened text. By
sending yourself a message and then opening it via Siri, the exploit will move
down the list of messages and become ineffective. Alternatively, the hacker has supplied a link which can be opened in
Safari to restore the iOS device to normal.
This is not the first bug facing iOS devices in recent times.
A five-second video was shared by YouTube channel EverythingApplePro, and
viewing it on Safari caused iOS to crash. However, the bug wasn’t limited to
one iOS build.
In May last year there was a bug which caused iPhones running
iOS 8.3 to crash when a message containing a specific string of text was
received. Apple had later issued a software fix for the bug. The Cupertino
giant is likely to do the same this time around as well.
