Original Story: The next time your iPhone shuts down for no apparent reason, it might not be a lack of charge or a dodgy app, but some joker sending you a text message. There is a (sightly shonky) fix, though.
A bug has been discovered that could enable a prankster to send a victim a text message 75 characters long that triggers the fault. When received, as soon as the dodgy message appears on the notification screen, the iPhone reboots itself.
The glitch was spotted on Tuesday by a Reddit user. They got the message which caused their smartphone to instantly crash. The attack also appears to affect the Apple Watch as well as Macs running OS X.
However, the good news is that there is a workaround. Send yourself a message without using the Messages app - via Siri or from a Mac, for instance - and Messages should be safe to reopen. Alternatively, if you can convince whoever sent you the "killer text" to send you another message (assuming they've somehow done it by mistake rather than maliciously) that also fixes the problem.
The text message looks like it contains Arabic characters, but that’s not inherently the problem (otherwise iPhones wouldn’t sell that well in the Middle East). The issue lies in how the Unicode representing them gets processed by a library of software routines that help apps display screen text. This is called CoreText.
As the message confuses the iPhone, it doesn’t know what to do, so shuts itself down. The bug is not limited to iMessages on the iPhone, other messaging apps, such as WhatsApp are also affected.
In the meantime, a lot of Android jokers will be sending Apple fanboys dodgy texts and laughing loudly at them.
UPDATED: Apple is still working on a permanent solution, but in the meantime here is the company's official tempory fix:
- Ask Siri to “read unread messages.”
- Use Siri to reply to the malicious message. After you reply, you’ll be able to open Messages again.
- In Messages, swipe left to delete the entire thread. Or tap and hold the malicious message, tap More, and delete the message from the thread.
UPDATED #2: It appears the bug also works in messages sent through social networking services Twitter and Snapchat.
Chief research officer at F-Secure, Mikko Hypponen, has shown the same flaw working in separate apps.
Hypponen discovered that a message on these services containing exactly the same offending characters can crash an iOS device.
In order for the bug to work, notifications must be turned on and character must show up in a pop-up notification.
This is slightly easier to fix, simply turning the device back on will work.