Apple has confirmed a bug in its iOS, tvOS, watchOS, and macOS operating systems which allows attackers to crash the system - potentially even entering it into a loop where it cannot easily be unlocked - with a single Unicode character.
Echoing previous Unicode-related bugs in the company's operating systems, the latest flaw to be discovered in Apple's software is both easy to exploit and extremely annoying: Simply send a single specific Unicode character via any messaging app to any Apple device, and it will crash every single time it attempts to display said character. First publicised by Italian site Mobile World, the flaw affects the current iOS 11.2 family and earlier releases, as well as tvOS, watchOS, and the mainstream macOS platforms when using the built-in Safari browser or Messages application.
For those affected by the bug, recovery can be a pain. Opening any application containing the character will crash said application the instant it is displayed - meaning there's no easy way to delete the message - while if the character appears in the iOS notification region it will prevent the device from being unlocked bar an awkward work-around involving using the shoot-while-locked functionality to load the camera, switch to the photo stream, unlock from there, then enter the system settings and disable notifications for the messaging application responsible for the crash.
For its part, Apple has confirmed it is working on a fix for release as soon as possible. Those willing to play with pre-release software can upgrade to the preview build of iOS 11.3 to resolve the problem now, while all currently available beta builds of tvOS, watchOS, and macOS are also immune to the glitch.
May 8 2019 | 13:30