Si el pasado mes Apple se veía afectada por una vulnerabilidad en iOS e iMessage, denominada chaiOS (CVE-2018-4100), esta semana se ha vuelto comprobar que los ataques mediante caracteres Unicode siguen en total vigencia, con una nueva variante, al recibir caracteres en lengua Telugu (India).
@jsmesa
https://manishearth.github.io/blog/2018/02/15/picking-apart-the-crashing-ios-string/
Basta un solo carattere per far crashare qualsiasi prodotto Apple (video)
http://www.mobileworld.it/2018/02/14/carattere-indiano-crash-iphone-mac-ipad-144881/
Script to generate all Devanagari, Bangla and Telugu strings known or suspected to crash macOS and iOS
https://github.com/hackbunny/viramarama
The latest iOS update fixes a glitch that would let others crash your phone with a text message
https://techcrunch.com/2018/01/23/the-latest-ios-update-fixes-a-glitch-that-would-let-others-crash-your-phone-with-a-text-message/
About the security content of iOS 11.2.5
https://support.apple.com/en-gb/HT208463
Deja una respuesta