7/11/2018

“Taiwan” remote bug crashes messaging apps on iOS 11.3


TAIWANESE FLAG EMOJI CAN CRASH YOUR IPHONE

As soon as the user types “Taiwan” or receives the Taiwan flag emoji, the messaging app crashes. The remote bug is limited to iOS apps that process remote messages.
Security researcher Patrick Wardle first came across the emoji flag bug when his Taiwanese friend complained that China had hacked her iPhone.
Wardle also posted the following image on his blog that shows this remote bug in action.Gihosoft iPhone Data Recovery Free:https://www.gihosoft.com/iphone-data-recovery-free.html

Affected versions include iOS 11.3 and below. The latest version iOS 11.4.1 patches this bug (CVE-2018-4290) on all devices.
Patrick was able to figure out a fix for the “Taiwan” bug on all affected versions. It involves toggling the region from the United States to China and then back to the United States once again.

HOW THE “TAIWAN” REMOTE BUG WORKS

For the uninitiated, Taiwan sees itself as a sovereign nation but China considers the Asian island a part of Chinese territory.
To appease the Chinese higher-ups, Apple decided to censor the word “Taiwan” and the Taiwanese flag on its devices.
But funnily enough, Apple’s appeasement efforts fell flat on their face when the text began crashing users’ devices. Here’s how the bug works –
  • iOS reads the incoming message.
  • The removeEmoji method is invoked if the message contains the Taiwanese flag emoji.
  • The emoji is removed when the region is recognized as China.
As long as the user had set the region as “China”, the method worked just fine. However, once the device went “region-less”, the method couldn’t ascertain the location of the device thus resulting in a crash.
[Source – Objective-See]

No comments:

Post a Comment

Featured Post

iOS 12 group Facetime, Supports upto 32 people simultaneously

Apple introduces a group facetime in iOS 12 that supports video call up to 32 people at the same time along with the LIVE Memoji. It’s ...