Домой United States USA — IT This Apple Safari Bug Can Crash Your iPhone

This Apple Safari Bug Can Crash Your iPhone

357
0
ПОДЕЛИТЬСЯ

The Safari browser contains a bug that’ll force the software to freeze and reboot when it tries to load up a webpage rigged to contain a massive line of HTML web elements. Both iOS and Mac devices appear to be affected.
There’s a new way to crash an iPhone.
Researcher Sabri Haddouche on Saturday tweeted out a webpage that will cause iOS devices to freeze and reboot when visited. The reason? Apple’s Safari browser contains a flaw that can be exploited to grind the memory processes to a halt.
Safari uses a browser engine called WebKit to render a website’s content and images. However, Haddouche found that WebKit will struggle to render a webpage when its computer code has been written to include a massive number of HTML elements.
Specifically, Haddouche’s webpage nested «thousands» of HTML elements using «div» tags inside a single line of computer code. When the Safari browser tries to render the elements, an «out of memory» error will be triggered, forcing the software to panic, he told PCMag.
pic.twitter.com/jhzIPIeo2Y
«The attack uses a weakness in backdrop filter, a CSS property that uses 3D acceleration to process elements behind them,» he said. Backdrop filter is designed to blur and shade colors across a webpage.
If you’re really curious, you can test the bug for yourself by visiting this link. It should immediately freeze and restart the device; users report it working on iOS 9.2 to iOS 12. The WebKit vulnerability also affects Safari on macOS, and can potentially crash the browser and even the entire system. One Mac user reported that the Safari browser will try re-loading the rigged webpage after each restart, putting it in a perpetual state of error.
So far, Apple hasn’t commented on the bug.
It isn’t the first time computer experts have uncovered software bugs in Apple devices that can throttle the software. In January, a developer publicized a bug in the Messages app that can crash an iPhone with a specially crashed web link.
A month later, engineers at a browser maker discovered that iOS devices would freeze and shut down whenever they encountered a symbol in the Indian language known as Telugu. In both cases, Apple released fixes over the next several days.

Continue reading...