Personal Tech

Text bomb, text bomb, you're my text bomb! Naughty HTML freezes Messages, Safari, etc

Apple font code on iOS, macOS knackered by texted link

By John Leyden

35 SHARE

A specially crafted webpage will knacker Apple's Messages and Safari software on iOS and macOS, allowing miscreants to spread merry mischief by texting fans a link to the dastardly HTML.

The page also causes other programs, such as TextEdit on Macs, to hang when opened. This is due to, from what we can tell, it being stuffed with characters that confuse the operating system's font-rendering code, resulting in applications hanging forever or being automatically killed.

The programming blunder in the iGiant's display code is triggered by, according to a note in the aforementioned webpage, overloading "the title property with massive characters containing heavy ligature." This, it seems, causes the rendering routines, or components related to them, to enter an infinite loop and thus become unresponsive. This leaves folks with non-working software.

Several copies and mirrors of the crafty HTML have been taken down from the web but at time of writing you can find a copy at hxxxp://cydia.furcode.co/chaiOS2. Open entirely at your own risk.

Crucially, a victim may not have to explicitly click or tap on the link to activate the attack. For example, if you text the URL to pal and their Messages app fetches it automatically to display a preview, then it's game over. The HTML is rendered and the code is hijacked.

The naughty script was apparently the work of Abraham Masri, aka CheeseCakeUFO on Twitter, who shared it online as a proof-of-concept demo of the bug:

Bang ... Clicking on that link in Messages, Safari or similar will knackered the device

It's not thought the script is capable of performing more than a denial of service; it doesn't trigger the execution of arbitrary code, for example.

“[This is] more of a nuisance than something that will lead to data being stolen from your computer or a malicious hacker being able to access your files,” said infosec pundit and Mac fan Graham Cluley in a blog post this week.

Text bomb vulnerabilities that affect Apple's software are rare but far from unprecedented. For example, in 2015, it emerged a sequence of characters referred to as Effective Power would reboot iPhones. Similar stuff was seen in 2013.

We're told Apple is working on a patch to close down the prankster-friendly hole, and this is expected to be released next week. ®

Sign up to our NewsletterGet IT in your inbox daily

35 Comments

More from The Register

Apple replaces boot-loop watchOS edition with unconnected complications edition

QA? We've heard of it

iPhone price cuts are coming, teases Apple CEO. *Bring-bring* Hello, Apple UK? It's El Reg. You free to chat?

Snow joke, we really want to know if they'll land in the UK

Apple hands keys for retail to HR boss amid flagging iPhone sales

Deirdre O'Brien to take reins from Angela Ahrendts

Chip-for-tat escalates: Qualcomm's billion-Euro bond to block Apple iPhone sales in Germany

Some mobes off the shelves pending appeal in international patent battle drama

5.1 update sends Apple's Watch 4 bling spinning into an Infinite Loop of reboot cycles

We'll just take this one away

Apple blew my mind – literally, says woman: MagSafe plug sparked face-torching blaze, lawsuit claims

Defective kit caused oxygen mask conflagration, court told

Texas lawyer suing Apple over FaceTime bug claims it was used to snoop on a meeting

Complainant seeks damages for 'lost ability to earn a living'

Do I hear two million dollars? Apple-1 fossil goes on the block, cassettes included

1970s tech 'Picasso', two previous owners

Nobody in China wants Apple's eye-wateringly priced iPhones, sighs CEO Tim Cook

Peak Apple Who could have guessed the $1,100 phone and $800 watch wouldn't sell?

Siri, how do you wipe that smug smile from Qualcomm's face? Apple wins patent skirmish with chip nemesis

Four of eight lawsuits brought by Qualy against iGiant booted out of German court