Replace for iOS and Macs negates textual content bomb that crashed gadgets

Final week we reported a serious bug in Apple working programs that may trigger them to crash from mere publicity to both of two particular Unicode...


Final week we reported a serious bug in Apple working programs that may trigger them to crash from mere publicity to both of two particular Unicode symbols. As we speak Apple fixes this main text-handling problem with iOS model 11.2.6 and macOS model 10.13.three, each now obtainable for obtain.

The difficulty, found by Aloha Browser in the middle of regular improvement, has to do with poor dealing with of sure non-English characters. We replicated the habits, mainly an instantaneous onerous crash, in quite a lot of apps on each iOS and macOS. The vulnerability is listed on MITRE below CVE-2018-4124. Should you have been curious.

Apple was knowledgeable of the bug and informed Exadrive final week repair was forthcoming — in truth, it was already mounted in a beta. However the manufacturing model patches simply dropped in the previous couple of minutes (iOS; macOS). Apple calls the magical characters a “maliciously crafted string” that led to “heap corruption.” It appears that evidently macOS variations earlier than 10.13.three aren’t affected, so for those who’re working an older OS, no worries.

The iOS patch additionally fixes “a difficulty the place some third-party apps may fail to connect with exterior equipment,” which is welcome however unrelated to the textual content bomb.

You need to be capable of obtain each updates proper now, and it’s best to, otherwise you’ll in all probability get pranked within the close to future.

Leave a Reply