New iOS Flaw Can Crash Your iPhone

The iPhone may claim to have overall better security than Android, but it’s not immune to all kinds of sophisticated attacks. The news of the latest such security exploit, coming from Sabri Haddouche of the app Wire, doesn’t even require that much effort.

It exploits a bug in Apple’s web rendering tool called WebKit, which is used on both iOS and MacOS. The security researcher needed just 15 lines of code to crash and restart the iPhone, while on MacOS it can potentially freeze a webpage.

The vulnerability exploits a “backdrop-filter CSS property”, which is used in 3D acceleration. Using this issue, the attacker can use all the graphical resources on the iPhone, using <div> tags, causing it to crash.

It is also incredibly easy to execute. It can be triggered if someone sends you an email or a web link with the code inserted within. Anything running on HTML is affected. Apple has been notified by the team, however, it hasn’t officially acknowledged the issue yet.


ALSO READ

Not Again: Samsung Galaxy Note 9 Catches Fire


The researchers showed a video of the exploit being demonstrated on an iPhone. They also showed a few links where you can see its effect on your own phone.

The good news is that despite causing inconvenience, the hack won’t cause lasting damage to your valuable data. It also won’t possibly result in any breaching of your personal info.

As of now, iOS 12 is said to be most affected, resulting in a restart, while previous software only caused a respring. The issue will hopefully be resolved in future updates.


  • Ltd feature videos

    Watch more at LTD

    close
    >