The picture was probably intended for suppliers or an assembly shop, but it “leaked” to…
The vulnerability was discovered in April and fixed in May with iOS 12.3.
The cause of the failure is an incorrectly formed message, where a text key is present, which will be mistaken for a string. This leads to the launch of certain exceptions, which disables the device.
Silvanovich explains in a blog post that “the – [IMBalloonPluginDataSource individualPreviewSummary] method in IMCore can trigger an NSException due to a malformed message containing an attribute with the IMExtensionPayloadLocalizedDescriptionTextKey key, the value of which is not NSString”.
«This method calls [IMBalloonPluginDataSource _summaryText], which returns an attribute, taking it as a string, but not checking it. The method then calls – [IMBalloonPluginDataSource _replaceHandleWithContactNameInString:], and it in turn calls im_handleIdentifiers in “NSString”, which is in fact NSNumber, which causes an exception, since there is no selector for this class”, – summarizes researcher.
As a result, the receipt of this message causes Springboard to complete and resume work time after time. Because of this is no longer displayed user’s interface and device can no longer respond to user’s commands.
Forced reset in this situation does not help – the phone remains inoperable after unlocking. The only way to recover iPhone is to reboot into recovery mode and start recovery. However, in this case data on the device will be lost.
This is not the first time that the iPhone can be disabled by sending a single message.
In February 2018, it turned out that in attempt to cause malfunction of Apple devices, it is enough to send a single word to the device – జ్ఞా. If macOS, iOS, or watchOS received the message in which it is contained, the system was frozen up because Apple’s text engine had problems processing the word.
జ్ఞా is the Indian word for Telugu, which requires several characters to be written. The literal translation of a word without context is “sign”.
If a message with a dangerous word was displayed as a notification on the lock screen of the iPhone or iPad, and then the user tried to open it, this caused the Springboard to stop working. As a result, iOS itself was frozen. The reboot did not help, because the system again tried to display the symbol, which again led to frozening. The only way out was to log into the affected application from another device and delete the message.
Mergeconnection.co.in is a domain that tries to trick you into clik to its browser notifications…
0.31 is a site that tries to trick you into clik to its browser notifications…
Euopue.click is a site that tries to force you into subscribing to its browser notifications…
Hotbwodama.today is a site that tries to force you into subscribing to its browser notifications…
News-bnufijo.today is a domain that tries to trick you into clik to its browser notifications…
Consmertestconnect.com is a site that tries to trick you into subscribing to its browser notifications…
View Comments
[…] you that this is not the first bug of this kind. For example, in 2018, iOS users suffered from a similar error related to the Telugu language symbol, common in the Indian states of Andhra Pradesh and Tellingan. […]