Apple has gotten somewhat infamous over the years for the plethora of bugs that can cause an iPhone to crash by merely receiving certain strings of characters in text messages or iMessages. But a new discovery this week along similar lines doesn’t even require a text message.
A report by TechCrunch cites a Mastodon post by a security researcher who apparently learned that typing the characters “”:: in the App Library search bar on any iPhone or iPad will cause a SpringBoard crash. Consequently, the device’s screen instantly turns black, and a small loading circle consequently appears in the center. The crash appears to be harmless, and the device comes back online very quickly (within seconds).
Likewise, you can type these same characters in the Settings app’s search bar and it will crash the Settings app, but it won’t crash SpringBoard.
It seems improbable that an attacker could leverage such an attack against iPhone or iPad users given the need for physical access to the device and the fact that the device comes back online so quickly.
Previous security issues of similar nature were far more dangerous, as an attacker could target iPhone and iPad users remotely by sending malicious strings of text in messages containing the offending characters. That certainly isn’t the case here as it’s contained to search boxes that users aren’t regularly typing these particular characters into.
In any case, it’s like that we’ll see a software update from Apple that fixes this problem soon, as Apple tends to fix these bugs rather quickly when they’re brought out into the light. It remains to be seen if it will wait until iOS & iPadOS 18 release given the acute nature of the bug, or if it will warrant a full-blown iOS & iPadOS 17 release ahead of the upcoming iOS & iPadOS 18 launch.
Have you tried entering these characters into the search bars of your iPhone or iPad yet?