Last week it became known about a new iOS vulnerability that is associated with the iMessage service.
With this an attacker can breach a single message to cause malfunction of the iPhone, iPad or Mac. Moreover, the exploit doesn’t even need to open and read the message.
The error was discovered by developer Abraham Masri and called it “chaiOS”. Masri was briefly published exploit of the vulnerability on GitHub and said that he had discovered it accidentally, while testing iOS. According to researchers, the flaw affects IOS versions 10.0 through 11.2.5 beta 5, and can also affect Mac computers. When a device receives a message with a certain link, it first for some time is blocked completely, and then resumes, but the iMessage service continues to falter.
At the moment there are several options how to protect against this vulnerability:
1. The limit for links.
Malicious page is hosted on Github. To protect yourself from unnecessary problems, you can use the “Restrictions” in iOS.
You need to go to Settings –> General –> Restrictions –> and click on “Enable Restrictions”.
Now you have to swipe down and go to “websites”, choose “Limit adult content” and in the “do Not allow never” fit github.io.
2. Try to remove the dialog with a link.
You can try to open the app “Messages” (not the actual message with the link) and quickly delete a conversation from the conversations list.
3. Wait for updates from Apple.
Very soon the manufacturer will release updates to iOS 11.2.5, which is now in beta testing. It must close the vulnerability. Before the upgrade, you should be careful with random links.
Follow the news of the Apple in our Telegram-channel, as well as in the app on iOS MacDigger.