An iOS bug surfaced earlier this week that crashes a device running Apple’s mobile operating system whenever a string of characters in non-Latin script, including Arabic or Chinese, is sent via text message and received in a notification window. Now Mikko Hypponen, chief research officer at F-Secure, a Finland-based security company, has shown that the same flaw can be exploited via messages sent through social networking services Twitter and Snapchat, the Guardian is reporting.
Luckily for users, the latest bug isn’t one that will have a lasting impact. For one, the issue requires that the sender know the string that would cause the device to crash. What’s more, users could easily protect themselves from the problem by simply turning off notifications.
According to Hypponen, when a user sends a message through Twitter or Snapchat containing the offending characters, the iOS device can, just as it does when the same string is sent via standard text message, crash the gadget. However, in order for the bug to be exploited, notifications must be turned on and the characters must show up in a pop-up notification on the iOS device. Once the user turns his or her iPhone or iPad back on, it’s possible to continue using Twitter and Snapchat without interruption.
According to AppleInsider, the Unicode characters that attempt to render on the screen eat up too many resources, causing a device like the iPhone to crash. The key ingredient in that scenario is notifications. If the text message is viewed in the Apple iMessage conversation string, the device won’t crash; the issue only occurs when a notification pops up on the user’s screen showing the characters. When notifications are turned off for Snapchat and Twitter, the string won’t cause the device to crash.
The bug is just the latest in a long line of bugs that have impacted Apple’s iOS 8. Since its launch last September, Apple’s latest mobile operating system has been patched several times. In its first five months of availability, Apple released six rounds of bug fixes to its flagship mobile platform.
For its part, Apple acknowledged the issue in a posting on its support pages on Thursday. The company said that affected users could rely on its virtual personal assistant Siri to “read unread messages” and ask her to respond to the “malicious message.” Once that reply has been sent, users can simply open iMessage and delete the conversation with the offending text.
So far, Apple hasn’t responded to the issue in Twitter and Snapchat, but it did say in its support page announcement that it will “make a fix available in a software update.” It’s likely that the software update, which has not been given a release date, will stop the issue from occurring in Snapchat and Twitter.