Update for iOS and Macs negates text bomb that crashed devices

Last week we reported a major bug in Apple operating systems that would cause them to crash from mere exposure to either of two specific Unicode symbols. Today Apple fixes this major text-handling issue with iOS version 11.2.6 and macOS version 10.13.3, both now available for download.

The issue, discovered by Aloha Browser in the course of normal development, has to do with poor handling of certain non-English characters. We replicated the behavior, basically an immediate hard crash, in a variety of apps on both iOS and macOS. The vulnerability is listed on MITRE under CVE-2018-4124. If you were curious.

Apple was informed of the bug and told TechCrunch last week that a fix was forthcoming — in fact, it was already fixed in a beta. But the production version patches just dropped in the last few minutes (iOS; macOS). Apple calls the magical characters a “maliciously crafted string” that led to “heap corruption.” It seems that macOS versions before 10.13.3 aren’t affected, so if you’re running an older OS, no worries.

The iOS patch also fixes “an issue where some third-party apps could fail to connect to external accessories,” which is welcome but unrelated to the text bomb.

You should be able to download both updates right now, and you should, or you’ll probably get pranked in the near future.


Source link

Products You May Like

Articles You May Like

Late-blooming startups can still thrive
You could win* a free Samsung Galaxy S9 Plus or a Galaxy S9!
PlayTable uses blockchain to connect video games and physical objects
With great tech success, comes even greater responsibility
Spotify tests native voice search, groundwork for smart speakers

Leave a Reply

Your email address will not be published. Required fields are marked *