Wednesday, May 18, 2016

Text-based bug that crashes apps in OS X 10.8 & iOS 6 discovered, fixed in OS X 10.9 and iOS 7

An publicly announced yesterday (picture of source page available here – won’t force a crash) shows how a string of Arabic characters can crash appliions in OS X 10.8 and iOS 6. The upcoming operating systems, iOS 7 and OS X 10.9, have fixed the bug, but was supposedly notified about this bug six months ago and still has not issued a fix for the current public operating systems.Jailbrkers are alrdy working to the bug over until relses a full fix:
Filippo Bigarella@FilippoBiga
I have a fully working that unfortunately applies only in MobileSafari. The more eral fix I came up with is not a cln solution.9:45 PM - 29 Aug 2013

This bug does not work on any other operating systems and does not allow anyone else to access your computer remotely because of it, but being a recipient (or even sender) of these characters may make your Messages app unusable, cause Safari/Chrome to crash, or not allow for scanning of SSIDs (if the string is broadcasted as a Wifi network name).
Back in 2009,iOS 3.0 was vulnerable to an SMS bugthat allowed others to remotely execute on the recipients’ phone. The 3.0.1 update introduced a .Hopefully will be pushing out a security fix in the nr future to make sure this doesn’t get too far.Update: A jailbrk fix has been relsed that fixes apps that cannot be opened due to the . The has not been tested or verified by us and may cause other issues when browsing.
Filippo Bigarella@FilippoBiga
WebCore ‘dumb’ to avoid crashes with today’s malicious character sequence:… (deb available under “relse” tab)10:32 PM - 29 Aug 2013

Filippo Bigarella@FilippoBigaYou can install that to open the apps that are currently crashing due to that bug. It’s not a definitive solution, but it’ll do for now.10:33 PM - 29 Aug 2013

No comments:

Post a Comment