NEW YORK – IPhone has been detected with latest security exploit, comingfrom Sabri Haddouche of the app Wire.
It exploits a bug in Apple’s web rendering tool called WebKit, which isused on both iOS and MacOS. The security researcher needed just 15 lines ofcode to crash and restart the iPhone, while on MacOS it can potentiallyfreeze a webpage.
The vulnerability exploits a “backdrop-filter CSS property”, which is usedin 3D acceleration. Using this issue, the attacker can use all thegraphical resources on the iPhone, using tags, causing it to crash.
It is also incredibly easy to execute. It can be triggered if someone sendsyou an email or a web link with the code inserted within. Anything runningon HTML is affected. Apple has been notified by the team, however, ithasn’t officially acknowledged the issue yet.——————————
The researchers showed a video of the exploit being demonstrated on aniPhone. They also showed a few links where you can see its effect on yourown phone.
The good news is that despite causing inconvenience, the hack won’t causelasting damage to your valuable data. It also won’t possibly result in anybreaching of your personal info.
As of now, iOS 12 is said to be most affected, resulting in a restart,while previous software only caused a respring. The issue will hopefully beresolved in future updates.