If you’ve been dragging your heels on installing the latest iOS updates, it’s a good time to stop; you’ll want to pull out your iPhone now and make sure that you’ve installed iOS 12.3, lest you fall prey to a serious new iMessage bug that’s making the rounds.
There’s been no shortage of weird bugs that have popped up in iMessage over the years, usually “text bomb” style bugs that allow malicious links or weird character strings to crash a recipient’s iPhone, and while Apple is quick to patch iOS each time a new bug is discovered, the variety of different issues goes back to 2015.
While some bugs are of course inevitable, the good news is that security researchers are getting better at finding them before they’re out in the wild, and Apple is getting far better at squashing them proactively as a result. In fact, a new report shared by ZDNet shows the most recent example of how Apple was able to address another such glitch before anybody knew enough about it to cause any havoc — and it did so with the help of an unlikely ally.
According to the report, a security researcher at Google’s Project Zero, Natalie Silvanovich, discovered an issue where a malformed message could actually brick an iPhone completely, requiring it to be wiped and restored.
A More Serious Messages Bug
Up until now, most of the character-string bugs found in Apple’s Messages app have been more of an annoyance than anything else. The usual symptom is to cause the Messages app to crash, returning the user to the main Home screen, known as the “Springboard.” While some bugs have caused the Springboard module to crash as well, this usually respawns by itself, resulting in what looks like a very brief iPhone restart — although it’s not actually a full reboot of the iPhone; only the Springboard module.
According to Silvanovich, however, this particular bug causes Springboard to crash and respawn repeatedly, meaning that the core Home screen and app switcher interfaces go away and the iPhone stops responding to input. To make matters worse, the bug survives a hard reset of the iPhone, causing Springboard to start crashing again immediately after the iPhone is unlocked.
…on an iPhone, this code is in Springboard. Receiving this message will cause Springboard to crash and respawn repeatedly, causing the UI not to be displayed and the phone to stop responding to input. This condition survives a hard reset, and causes the phone to be unusable as soon as it is unlocked. The only way I could find to fix the phone is to reboot into recovery mode and do a restore. This causes the data on the device to be lost though.
Natalie Silvanovich, Security Researcher, Google Project Zero
The end result is that the iPhone is “bricked” — it becomes completely unusable — and the only way to return the device to normal operation involves wiping it entirely and restoring it from backup.
It’s Already Fixed — But Only in iOS 12.3
The really good news here, however, is that unlike prior Messages bugs, which ended up making the rounds — usually in the form of people pranking each other — and frustrating more than a few iPhone users, Apple managed to fix this one before anybody outside of security research circles knew about it.
Silvanovich found the issue back in April, and responsibly reported it to Apple under a fairly standard 90-day disclosure deadline, giving the company time to address the issue before it was made public knowledge. As a result, Apple fixed the problem in iOS 12.3, so as long as you’re running the latest version of iOS, you shouldn’t have a problem.
You Should Really Update to iOS 12.3 NOW
While the 90-day disclosure deadline hasn’t yet passed — that would have happened on July 17th — the disclosure ban was lifted last Wednesday because the problem was fixed in the iOS 12.3 update.
However, what this actually means is that anybody who hasn’t updated to iOS 12.3 is still vulnerable to this bug. While users were protected before simply because nobody knew about the bug or how to exploit it, now that it’s become common knowledge — complete with a script to reproduce it — it’s inevitable that some miscreants will try to catch users with it. This means that users on versions of iOS 12 prior to iOS 12.3 are more at risk of being hit by this bug than ever.
In fact, it’s even unclear if you can protect yourself simply by avoiding suspicious iMessages — from Silvanovich’s description, it sounds like the bug is triggered when the message arrives on the target iPhone, not necessarily when the user reads it.
Note that users on older iPhones that don’t support iOS 12 (which, to be fair, only includes those models made more than six years ago) may not be impacted by the bug; although Silvanovich isn’t clear on this, it’s very likely the bug didn’t exist in iOS 10, which is the latest version that those devices — the iPhone 5c and earlier models — can run.