toggle

AAPL Stock: 100.75 ( + 0.64 )

Printed from http://www.macnn.com

Bug in OS X, iOS can cause crashes, fixed in next releases

updated 02:30 am EDT, Fri August 30, 2013

String of Arabic characters flaw mostly harmless, but annoying

A string of certain Arabic characters sent to devices running OS X 10.8.x and iOS 6.x can crash applications and make the Messages app unusable and cause both Safari and Chrome to crash. The problem has been fixed in beta releases of iOS 7 and OS X 10.9 Mavericks, but at present there is no official patch for the problem in the current releases of OS X and iOS. An unofficial fix has been made available for jailbroken devices.

Because the string of characters causes both the recipient's and sender's machines to experience the issues -- which include the aforementioned freezes and crashes as well as not allowing scanning of SSIDs for wireless networks -- the chances of being on the receiving end of the attack are very low. However, some have claimed that Apple has known about the flaw for six months already and has yet to protect the current or previous systems, 9to5Mac reports.

Hacker Filippo Bigarella has released a solution for the flaw for iOS's Mobile Safari on jailbroken devices, as well as a "dumb" patch for Webkit upon which all other iOS browsers rely. He says it is "not a definite solution, but it'll do" until Apple releases an update that fixes the issue.

The flaw doesn't allow malicious attacks or remote access, but just causes application freezes and crashes. The jailbreak fix allows apps normally affected by the problem to continue working.




by MacNN Staff

POST TOOLS:

TAGS :

toggle

Comments

  1. The Vicar

    Junior Member

    Joined: 07-01-09

    I've seen a page which claimed to contain the string, and it didn't crash Safari 6.0.5 on OS X 10.8.4. Then again, the actual bug report doesn't claim that non-mobile Safari is vulnerable, just Messages, so maybe it isn't.

Login Here

Not a member of the MacNN forums? Register now for free.

toggle

Network Headlines

toggle

Most Popular

MacNN Sponsor

Recent Reviews

ActvContent Sync Smartband

Smartbands of all sorts are hitting the market. Some build on the buzz around fitness trackers, while others offer simpler features fo ...

RocketStor 6324L Thunderbolt 2 eSATA bridge

Like it or not, the shift to Thunderbolt is underway. The connection is extremely flexible, allowing for video and data to co-habitate ...

Patriot Stellar Boost XT 64GB USB 3.0 drive

A vast selection of USB memory sticks means that consumers can often find exactly the size drive they need in a configuration that can ...

toggle

Most Commented