Update for iOS and Macs negates text bomb that crashed devices

Gadgets



Last week we reported a major bug in Apple operating systems that would cause them to crash from mere exposure to either of two specific Unicode symbols. Today Apple fixes this major text-handling issue with iOS version 11.2.6 and macOS version 10.13.3, both now available for download.

The issue, discovered by Aloha Browser in the course of normal development, has to do with poor handling of certain non-English characters. We replicated the behavior, basically an immediate hard crash, in a variety of apps on both iOS and macOS. The vulnerability is listed on MITRE under CVE-2018-4124. If you were curious.

Apple was informed of the bug and told TechCrunch last week that a fix was forthcoming — in fact, it was already fixed in a beta. But the production version patches just dropped in the last few minutes (iOS; macOS). Apple calls the magical characters a “maliciously crafted string” that led to “heap corruption.” It seems that macOS versions before 10.13.3 aren’t affected, so if you’re running an older OS, no worries.

The iOS patch also fixes “an issue where some third-party apps could fail to connect to external accessories,” which is welcome but unrelated to the text bomb.

You should be able to download both updates right now, and you should, or you’ll probably get pranked in the near future.

 



Source link

Products You May Like

Articles You May Like

Tableau gets AI shot in the arm with Empirical Systems acquisition – TechCrunch
Here are 454 pages of Facebook’s written follow-up answers to Congress – TechCrunch
VCs serve up a large helping of cash to startups disrupting food – TechCrunch
Three burning questions about E3 2018
Westworld delves into the heart of Ghost Nation with season 2 episode 8

Leave a Reply

Your email address will not be published. Required fields are marked *