Gone are the days when everyone believed that Apple’s devices, such as iPhones, iPads and Macs, simply weren’t susceptible to malware or malicious remote interference from unscrupulous individuals. Granted, malware and software designed to take data from an iPhone is less common on iOS than it is on competing platforms, but the important thing to note is that it does exist, and so do bugs in Apple’s iOS platform. One such bug can force your iphone to call a pre-defined telephone number. So how does this vulnerability work? Last month, a teenager was arrested who utilized this vulnerability in to spread a malicious link on Twitter that forced iPhones to repeatedly call 911. And now, we finally know how the bug actually works. The bug works after users click a link, usually when a user is browsing a social media feed with that particular app, that forces an iPhone to dial a pre-determined number (like 911) and then refreshes the page or opens multiple apps in order to freeze the device’s user interface. This makes it almost impossible to cancel the call.
Does Apple have a fix for it yet? I believe they are currently working on a patch. What’s especially curious about this bug is that Apple actually fixed it a long time ago, back when iOS 3 was released. However, Apple’s fix only applied to its own web browser, Safari and not the built-in app browsers that many people now use when browsing their social media feeds . A lot of times when you are viewing your social media feed using either the Twitter app or LinkedIn app and you click on a link to view further information the app itself will use it’s own browser (called WebView)without you having to use an external browser like Safari thus keeping you still in the native app. This is where the vulnerability then lies. In the meantime, what should Apple users do? You want to ensure you have the latest iOS update by going into SETTINGS and taping SOFTWARE UPDATE. Also, browsing your social media feed using Safari on your phone or just using your computer instead should keep you safe as well.
Leave a Reply