Simple Unicode String Can Crash iPhones and Macs
Published on: 2nd Sep 2013
Note -- this news article is more than a year old.
A serious flaw has been revealed that can crash almost any Apple iPhone or computer when a specific set of unicode characters are sent to the device.
The flaw would allow a malicious person to send the string of characters as an SMS and disable Apple iPhones, or via an email to a recipient's Mac computer. Unlike other flaws, this one is triggered by nothing more complex than simply sending the correct string of characters.
A particularly malicious attack would be to change the name of a Wi-Fi hotspot to the same as the key set of letters, and then any Apple device scanning for a Wi-Fi hotspot would instantly crash.
The flaw affects iOS 6 and OS X 10.8.
The characters happen to be in Arabic, and the Russian website that broke the news said that Apple has known about the issue for the past six months and has still not fixed the problem.
Apple appears to be not the only people aware of the problem, as TechCrunch noted that Facebook is already blocking messages containing that specific set of letters from being sent via its messaging system.
At the moment, until Apple deploys a security fix, the best protection for users is the one deployed by Facebook, and that is for messaging services to try and block any communications containing the malicious string of text.
Tags: apple iphone