Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

Text Exploit Crashes OS X 10.8 and iOS 6 Apps

MacRumors

MacRumors

macrumors bot
Original poster
Apr 12, 2001
63,523
30,816



An exploit that causes both Macs and iOS devices to crash was discovered yesterday, reports 9to5Mac. A specific sequence of Arabic characters causes an error that will crash any application that uses the WebKit engine in either Mountain Lion (OS X 10.8) or iOS 6.

When sent via text message, iMessage, Messages, or typed in Safari, the sequence of characters will cause apps to crash.

dosexploit.jpg
This bug does not work on any other operating systems and does not allow anyone else to access your computer remotely because of it, but being a recipient (or even sender) of these characters may make your Messages app unusable, cause Safari/Chrome to crash, or not allow for scanning of SSIDs (if the string is broadcasting as a Wifi network name).
Click to expand...
Apple has fixed the exploit in both iOS 7 and Mavericks (OS X 10.9), which means people running those operating systems are not vulnerable. All other users can be affected by the issue, which has apparently existed for more than six months.

Article Link: Text Exploit Crashes OS X 10.8 and iOS 6 Apps
 
Article Link
https://www.macrumors.com/2013/08/29/text-exploit-crashes-os-x-10-8-and-ios-6-apps/
spazzcat

spazzcat

macrumors 68040
Jun 29, 2007
3,679
4,767
This seems like a bug then an exploit? If you could then access a users computer or phone then it would be an exploit?
 
wackymacky

wackymacky

macrumors 68000
Sep 20, 2007
1,546
53
38°39′20″N 27°13′10″W
A bug yes, but a big one. How long to some sicko with a spambot sends out millions of emails containing it. Perhaps Samsung or Microsoft will include it on there web pages.

A large percent of mac, and the majority of iOS users won't know what hit them!
 
Last edited:
TheRainKing

TheRainKing

macrumors 6502a
Jun 11, 2012
999
535
wackymacky said:
A bug yes, but a big one. How long to some sicko with a spambot sends out millions of emails containing it. Perhaps Samsung or Microsoft will include it on there web pages.

A late percent of mac, and the majority of iOS users won't know what hit them!
Click to expand...

This. Apple should release an update for 10.8 users and iOS 6 users.
 
Porco

Porco

macrumors 68040
Mar 28, 2005
3,315
6,909
MacRumors said:
Apple has fixed the exploit in both iOS 7 and Mavericks (OS X 10.9), which means people running those operating systems are not vulnerable. All other users can be affected by the issue, which has apparently existed for more than six months.
Click to expand...

All users of OS X 10.8 and iOS 6 you mean? That screenshot seems to indicate earlier versions of OS X and iOS are not affected either, doesn't it?
 
FirstNTenderbit

FirstNTenderbit

macrumors 6502
Jan 15, 2013
355
0
Atlanta
/buys roll of foil

/makes foil hat

/logs into MR to make post

Apple will not fix this vulnerability because they want to increase the adoption rate of Mavericks and iOS7

/wraps iPad in foil
 
FirstNTenderbit

FirstNTenderbit

macrumors 6502
Jan 15, 2013
355
0
Atlanta
blesscheese said:
One certainly gets the impression from this that they have already stopped supporting 10.8!
Click to expand...

Ars Technica is having fun with it. They intentionally entered it into their Ars IRC and everyone on OSX was immediately kicked.

One thing of note: There were a few Ars posters who stated the bug didn't affect their rMBP's. Not sure if true but Ars is taking a whimsical approach to the news.

My hope is no one, under the guise of "Hey wouldn't this be funny?", decides to do anything malicious with this.
 
whooleytoo

whooleytoo

macrumors 604
Aug 2, 2002
6,607
716
Cork, Ireland.
If only we could find a character string that works on all platforms, then THAT'S what I'm calling my second child.

(My first child obviously being called: "'; drop table Users --")
 
centauratlas

centauratlas

macrumors 68000
Jan 29, 2003
1,822
3,773
Florida
There are now two examples in the thread now that you quoted the one you replied to!

How long until it is posted in the Apple support forum area?
 
Last edited by a moderator:
P

petsounds

macrumors 65816
Jun 30, 2007
1,493
519
FWIW, Firefox does not crash - they must be using their own text engine. Safari and Chrome do.

My bigger question is, why is this not a front-page story, while a story about (what is basically an ad for) SimCity is?
 
blesscheese

blesscheese

macrumors 6502a
Apr 3, 2010
698
178
Central CA
FirstNTenderbit said:
Ars Technica is having fun with it. They intentionally entered it into their Ars IRC and everyone on OSX was immediately kicked.

One thing of note: There were a few Ars posters who stated the bug didn't affect their rMBP's. Not sure if true but Ars is taking a whimsical approach to the news.

My hope is no one, under the guise of "Hey wouldn't this be funny?", decides to do anything malicious with this.
Click to expand...

I'm still running Snow Leopard 10.6.8! So, no ill effects on my end.

I was (literally!) just about to upgrade to 10.8, right before 10.9 came out, with the idea that all the bugs had been ironed out of 10.8, and I'll "pay to be a beta tester of 10.9" later.

But with this going on? Sheesh...
 
R

runeapple

macrumors 6502a
Mar 5, 2010
663
123
Interestingly if you write the string as a caption for a snapchat image it doesn't crash the recipients iOS6 device. I tried sending from iOS7 to my iOS6 device, most other things crash, all iOS browsers, Mail, iMessage, Facebook, Twitter etc...
 
Z

Zaqfalcon

macrumors 6502
Mar 22, 2010
361
138
I'd be interested to know what the English translation for those characters is. @FirstNTenderbit, may I borrow your foil hat please?
 
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom