A security vulnerability affecting both iOS and MacOS has been discovered. The flaw can freeze a device and, on occasion, cause it to restart.
The so-called ‘text bomb’, called ChaiOS, was discovered by software developer Abraham Masri – who tweeted about the flaw.
The bug can be activated on somebody’s device by simply sending them a message containing a link, which is included in Masri’s tweet. Just sending the message to the recipient will cause the Messages app on their iPhone or Mac to stop working, without them ever having to open the link.
The code has since been removed from GitHub, where Masri had been hosting it, however it is likely to have been replicated by someone else in the time it was available.
“The bug I released was to get Apple's attention. It's just an html file,” tweeted Masri. “… I always report bugs before releasing them.
“I'm not going to re-upload it. I made my point. Apple needs to take such bugs more seriously.”
According to security expert Graham Cluley, the bug is more of an annoyance than a threat to files being accessed and any data being stolen from the user.
“Something about the so-called ChaiOS bug's code gives your Apple device a brainstorm,” wrote Cluley in a blog post. “Ashamed about the mess it gets itself in, Messages decides the least embarrassing thing to do is to crash.
“Nasty. But, thankfully, more of a nuisance than something that will lead to data being stolen from your computer or a malicious hacker being able to access your files.”