Apple Confirms Fix is Coming Next Week for Malicious Link That Freezes Messages App

Discussion in 'MacRumors.com News Discussion' started by MacRumors, Jan 18, 2018.

  1. MacRumors macrumors bot

    MacRumors

    Joined:
    Apr 12, 2001
    #1
    [​IMG]


    A software update coming next week will fix an issue that allows a malicious link to freeze the Messages app on the iPhone and iPad, Apple confirmed to MacRumors this morning.

    Apple is likely talking about iOS 11.2.5, which is nearing the end of the beta testing period. iOS 11.2.5 beta 6, as we discovered yesterday, does indeed address the issue and prevents the malicious link from working.

    [​IMG]

    We expect to see a final release of iOS 11.2.5 available next week alongside macOS High Sierra 10.13.3, watchOS 4.2.2, and tvOS 11.2.5.

    The malicious link first surfaced on Tuesday after it was shared on Twitter. When texted to an iOS device, it is able to cause the Messages app on the iPhone or iPad to freeze up and become unusable. Macs are also affected, and we expect to see a Mac fix in macOS 10.13.3.

    A user who receives the link will see their Messages app freeze entirely, and the fix appears to require users to quit out of the Messages app and then delete the entire conversation with the person who sent the link to restore the app to working condition.

    The link initially went to a webpage on GitHub, but GitHub took it down on Wednesday, limiting its spread. Most users are not likely to be impacted at this point because the original link has been disabled, but if you do get a text with a bad link before iOS 11.2.5 is released, deleting the Messages conversation is a reliable fix.

    Article Link: Apple Confirms Fix is Coming Next Week for Malicious Link That Freezes Messages App
     
  2. coolfactor macrumors 68040

    Joined:
    Jul 29, 2002
    Location:
    Vancouver, BC CANADA
    #2
    I hope the person that posted the link to Github faces consequences of that action.
     
  3. Tech198 macrumors G5

    Joined:
    Mar 21, 2011
    Location:
    Australia, Perth
    #3
    And how can you delete a message if the app is frozen?
     
  4. tzm41 macrumors regular

    tzm41

    Joined:
    Jul 11, 2014
    Location:
    Boston
    #4
    I wonder how many more of these patterns are going to be found in the future. Seems like each time Apple is just patching for one case and people find the next case eventually.

    PS: Are we getting message on iCloud and AirPlay 2 on iOS 11.2.5?
     
  5. justperry macrumors G3

    justperry

    Joined:
    Aug 10, 2007
    Location:
    In the core of a black hole.
    #5
    Quit messages, relaunch, it will show the persons/chats you have, delete the affected person/chat, that's how I think it works.
     
  6. mattburley7 macrumors 68040

    Joined:
    Oct 13, 2011
    #6
    no we are not.. 11.3 maybe?
     
  7. tzm41 macrumors regular

    tzm41

    Joined:
    Jul 11, 2014
    Location:
    Boston
    #7
    They gotta ship AirPlay 2 before HomePod launches though, right? From yesterday's rumor HomePod launch is imminent.
     
  8. d5aqoëp macrumors 6502a

    d5aqoëp

    Joined:
    Feb 9, 2016
    #8
    The more complex iOS gets, the more we will see these nuisance bugs.
     
  9. mattburley7 macrumors 68040

    Joined:
    Oct 13, 2011
    #9
    i think airplay2 is in 11.2.5 though. just not iCloud messages.
     
  10. BugeyeSTI macrumors 68020

    BugeyeSTI

    Joined:
    Aug 19, 2017
    Location:
    Arizona
    #10
    Everythingapplepro latest YouTube video shows something similar:
     
  11. npmacuser5 macrumors 65816

    npmacuser5

    Joined:
    Apr 10, 2015
    #11
    Thousands....Apple and others, doing too many changes in too short a time frame. Each year it gets worse. The problems the sloppy coding cause are a headache enough, then add the hours of users time to implement the patches. I have 7 IOS and Mac OS products. Updating just these few costs me at a minimum 1 tp 2 hours each time. Multiply that times the number of Apple products worldwide, a significant cost in loss of productivity in time and a Monies. Apple needs to be more sensitive to our time and costs.
     
  12. jav6454 macrumors P6

    jav6454

    Joined:
    Nov 14, 2007
    Location:
    1 Geostationary Tower Plaza
    #12
    That is not a text message... it is Zalgo!!! ZA͡L̢GƠ ͠is not goi̶ng ͞t҉o͞ ͘te̛ll͜ ̀y͞ou ̴w̵ha̡t͡ ZALG͏Ó ͢i̢s, for ҉Z̧AL͟GO͘ i͘s̸ not. Z̸A̴LG͝O̕ is ̢ǹot͏ à g͡o͞od҉ t̨hin͠g͘.͜ ̵ ҉Z͜A̢L̕GO͢ ҉is̸ no͟t͏ /̀x/ ̵o̡r ̛S̀A.͠ ͏ ZAL͡GO͘ ͡is͞ n̷o̧t ̢u̕nt̸i̴l̵ the e͟n̵d̀ ͜o̷f ̵days̀.͜ ̷ ̵ ̷He̕ W͞ai͞t͞s͡ ͡Be͜h̵ind

    [​IMG]
     
  13. RightMACatU macrumors 65816

    RightMACatU

    Joined:
    Jul 12, 2012
    Location:
    192.168.1.1
    #13
    Can I send this to my bank that owns my mortgage? :p
     
  14. justperry macrumors G3

    justperry

    Joined:
    Aug 10, 2007
    Location:
    In the core of a black hole.
    #14
    That video could be 1 minute long and still have all the information inside, keeps repeating himself.
     
  15. BMcCoy macrumors 68000

    BMcCoy

    Joined:
    Jun 24, 2010
    #15
    Remind me why we’re jumping from 11.2.2 to 11.2.5 ..?
     
  16. macduke macrumors G3

    macduke

    Joined:
    Jun 27, 2007
    Location:
    Central U.S.
    #16
    Sometimes websites will have a popup saying your device is hacked and it locks up Safari on iOS. I think it uses javascript and even ad blockers don't stop it. They need to fix that. It's pretty rare that it happens, but it's still really annoying. I wish ad networks would stop these sorts of ads from seeping through, but it's fairly clear that they don't care about users.
     
  17. timborama macrumors 6502

    timborama

    Joined:
    Oct 12, 2011
    #17
    Or Apple could just let me disable URL previews in messages. Utterly annoying “feature”.
     
  18. kemal macrumors 65816

    kemal

    Joined:
    Dec 21, 2001
    Location:
    Nebraska
  19. BugeyeSTI macrumors 68020

    BugeyeSTI

    Joined:
    Aug 19, 2017
    Location:
    Arizona
    #19
    Agreed. I barely could make it through the whole thing
     
  20. zachcsnyder macrumors member

    Joined:
    Jul 23, 2014
    #20
    Here’s hoping they fix the other prolific bug of messages freezing or crashing a couple times per day on days when the sky is blue
     
  21. cmaier macrumors G4

    Joined:
    Jul 25, 2007
    Location:
    California
    #21
    Because of magic.
     
  22. Solver macrumors 6502a

    Joined:
    Jan 6, 2004
    Location:
    Cupertino, CA
    #22
    It is very possible that this fix will be released as iOS 11.2.3
     
  23. FightTheFuture macrumors 6502a

    FightTheFuture

    Joined:
    Oct 19, 2003
    Location:
    that town east of ann arbor
    #23
    Pretty scary stuff seeing it in action though. I do wonder how the iPhone that sent the message doesn't freeze too.
     
  24. BugeyeSTI macrumors 68020

    BugeyeSTI

    Joined:
    Aug 19, 2017
    Location:
    Arizona
    #24
    You’d figure instead of releasing this crap to the public where it will cause havoc, they would contact Apple with the exploit and try and get some type of bounty so it can be patched.
     
  25. ArtOfWarfare macrumors G3

    ArtOfWarfare

    Joined:
    Nov 26, 2007
    #25
    Hmmm... that is an interesting point... normally with these viral messages that disable the Messages app, there's no great way of tracking it back to whoever started it.

    In this case though, it seems like GitHub probably has the ability to identify who uploaded the content to their website...

    There is still a question of what the person really intended, though. Was it a security person who meant to just share it with Apple, but someone else leaked a link, for example? You could argue that the person should have used a private account on GitHub, but GitHub charges for private accounts while public ones are free.
     

Share This Page