Security researchers have found a new way to crash and restart the iPhone with just a few lines of code.
Sabri Haddouche recent tweets Proof of concept If you visit, only 15 lines of code will be displayed on the web page, start the iPhone or iPad and restart it. MacOS users can also view Safari freeze when opening a link.
This code makes use of the weaknesses of the WebKit iOS Web rendering engine including Apple Haddouche said that all applications and all browsers are mandatory. He explained that the following elements are nested.
Tag – CSS background filter property allows you to avoid damage by causing all the resources of the device, causing the kernel panic to close and restart the operating system.
"Everything that makes HTML on iOS is affected" in other words, if the code sending you a Facebook or Twitter link, or the web page you visited contains code, or if someone Everyone who wrote the mail warns you.
I tested the exploits running on the latest iOS 11.4.1 mobile software and confirmed that the phone hangs up and restarts. Thomas Reed, Mac director, mobile security company Malwarebytes confirmed that the latest version of iOS 12 beta is blocked while using the link.
A lucky device whose device is not blocked can instead see that the device restarts (or reconditions) the user interface.
For curious people, you can see how it works without executing the code that causes the crash.
Even if this attack is troublesome, malicious code can not be executed. In other words, malware can not be executed and data can not be stealed. We will use this attack. However, there is no simple way to prevent attacks from working. If you click a trapped link sent in the message or open an HTML e-mail that displays the code, the device may be overwritten immediately.
Haddouche contacted Apple on Friday attacks to be investigated. The spokesperson did not respond immediately to the comment request.