Personal Tech

Text bomb, text bomb, you're my text bomb! Naughty HTML freezes Messages, Safari, etc

Apple font code on iOS, macOS knackered by texted link

By John Leyden

35 SHARE

A specially crafted webpage will knacker Apple's Messages and Safari software on iOS and macOS, allowing miscreants to spread merry mischief by texting fans a link to the dastardly HTML.

The page also causes other programs, such as TextEdit on Macs, to hang when opened. This is due to, from what we can tell, it being stuffed with characters that confuse the operating system's font-rendering code, resulting in applications hanging forever or being automatically killed.

The programming blunder in the iGiant's display code is triggered by, according to a note in the aforementioned webpage, overloading "the title property with massive characters containing heavy ligature." This, it seems, causes the rendering routines, or components related to them, to enter an infinite loop and thus become unresponsive. This leaves folks with non-working software.

Several copies and mirrors of the crafty HTML have been taken down from the web but at time of writing you can find a copy at hxxxp://cydia.furcode.co/chaiOS2. Open entirely at your own risk.

Crucially, a victim may not have to explicitly click or tap on the link to activate the attack. For example, if you text the URL to pal and their Messages app fetches it automatically to display a preview, then it's game over. The HTML is rendered and the code is hijacked.

The naughty script was apparently the work of Abraham Masri, aka CheeseCakeUFO on Twitter, who shared it online as a proof-of-concept demo of the bug:

Bang ... Clicking on that link in Messages, Safari or similar will knackered the device

It's not thought the script is capable of performing more than a denial of service; it doesn't trigger the execution of arbitrary code, for example.

“[This is] more of a nuisance than something that will lead to data being stolen from your computer or a malicious hacker being able to access your files,” said infosec pundit and Mac fan Graham Cluley in a blog post this week.

Text bomb vulnerabilities that affect Apple's software are rare but far from unprecedented. For example, in 2015, it emerged a sequence of characters referred to as Effective Power would reboot iPhones. Similar stuff was seen in 2013.

We're told Apple is working on a patch to close down the prankster-friendly hole, and this is expected to be released next week. ®

Sign up to our NewsletterGet IT in your inbox daily

35 Comments

More from The Register

Apple replaces boot-loop watchOS edition with unconnected complications edition

QA? We've heard of it

5.1 update sends Apple's Watch 4 bling spinning into an Infinite Loop of reboot cycles

We'll just take this one away

Do I hear two million dollars? Apple-1 fossil goes on the block, cassettes included

1970s tech 'Picasso', two previous owners

Talk about left Field: Apple lures back Tesla engineering guru

And revs up those daft Apple Car rumors

Apple breathes new life into MacBook Air with overhauled 2018 model

Bring a dongle, though. There are bugger all ports

Apple pulls iOS 12 beta 7 after less than 24 hrs

Devs reported performance issues then...

Apple cops to iPhone 8 production oops, offers to fix borked phones

But if you got yours in Europe, no worries

Oh, and another thing, Qualcomm tells court: Apple handed Intel our chipping source code

Cupertino: If you've got any evidence, bring it

European Commission: We've called off the lawyers over Ireland's late collection of Apple back taxes

Case closed month after Apple coughs $14.3bn in 'illegal State Aid'

Apple emits its much-anticipated updates to Mac, AppleTV, and iOS

Security updates. What did you think we were referring to?