A newly discovered bug is causing havoc for iOS, macOS and wachOS 5 users. By simply visiting a web page that contain certain CSS and HTML, iOS users device will be forced to restart while macOS users device will freeze.
This bug is so strong that iOS and macOS users dont have to visit a website to trigger it-- a shortcut is enough. However, Windows, Android and Linux users are not affected by this bug.
Discovered by security researcher Sabri Haddouche, the security researcher provided a proof-of-concept demo and source code for the crash which he named "Safari Ripper".
"The attack uses a weakness in the -webkit-backdrop-filter CSS property," Haddouhce told BleepingComputer. "By using nested divs with that property, we can quickly consume all graphic resources and crash or freeze the OS. This attack does not require Javascript to be enabled therefore it also works in Mail. On macOS, the UI freeze. On iOS, the device restart."
The security researcher explained that the bug affected all browsers on iOS, as well as Safari and Mail in macOS because they all use the WebKit rendering engine. The App store rules forbids anyone from bringing their own rendering engine.
— Sabri (@pwnsdx) September 15, 2018For iOS users, the version of OS determines the outcome. Those on iOS 12 will suffer a reboot while those on iOS 11.4.1 the bug will cause a respring.
For macOS, the bug will force Mail and Safari to freeze for a second and then slow down the computer. Worse still, the crash can done by simply creating a shortcut to it.
If you are viewing this page in Safari on iOS and will like to crash you device, simply click this link. Wait! i said crash your device so don't say i didn't warn you.
Also Read: This Single text message will crash your iPhone!
Apple has had several similar issues in the pasts. Sometime in this year January, a bug dubbed "ChaiOS" which was a link would crash an Apple device when viewed. Also this year, an Indian character would crash an iOS device when the user viewed the image.
In 2015, another bug called the "Effective Power" bug allowed anyone to remotely reboot iPhones by using a special sequence of characters.
This bug will only last for a short while before apple creates a fix for it.
0 comments:
Post a Comment