Press "Enter" to skip to content

This code will crash any iPhone and iPad immediately

A security researcher has found a new way to crash and reboot any iPhone with just a few lines of code.

According to his Twitter profile Sabri Haddouche comes from Berlin. And there he released a rather explosive tweet on Saturday: he links to a website that forces every iOS device to its knees in seconds.

The security researcher had 15 lines of code to complete the attack, notes Tech Crunch . It exploited a vulnerability in the so-called web rendering engine WebKit of Apple\’s mobile operating system iOS . In other words, all iPhones and iPads are affected as soon as they call up the corresponding code, either in the browser or in an app.

This means that the users of iOS devices are vulnerable via Twitter, Facebook and any manipulated website. Or even if someone sends the CSS code by e-mail.

Where there are conflicting messages about which other browsers are affected besides Safari by Apple .

Reassuring: attackers can do no further damage. The attack is not suitable for smuggling malware onto a foreign device or for stealing data .

Haddouche told Tech Crunch that he had informed Apple about the vulnerability on Friday. This is already being investigated.

And probably soon closed by an update.

That’s how it works

The attack works with controls designed for HTML pages: CSS (Cascading Style Sheets) are responsible for the formatting and layout of web pages. Haddouche explained that by skilfully nesting CSS control codes, he could consume all the resources of the iOS device and cause a kernel panic that shuts down and restarts the operating system to prevent damage.

(dsc, via futurezone.at )

Be First to Comment

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.