iOS crash via emojis

YouTube star EverythingApplePro has published a video today revealing two new methods through which someone could crash iOS devices.

Both methods, detailed in the video below, don't need any user interaction and will freeze and later crash the target's device at the moment a specially-crafted message is received.

First method is easy to execute

The first method is the simplest to carry out and relies on sending a message to a victim that contains a white flag emoji, zero (0), and the rainbow emoji.

At the moment the target receives this message, his/hers device will immediately freeze and eventually reboot in a few minutes.

This bug is a variation of a bug previously discovered by a French researcher and affects devices running iOS 10.0 through 10.1.1.

EverythingApplePro has published an explanation of what he believes is happening under the hood.

What you see in the text is the waving white flag emoji, a zero, and the rainbow emoji. The rainbow flag emoji isn't an emoji in itself, it's made of three characters: waving white flag, a character called variation sector 16 (VS16 for short), and the rainbow. What VS16 does in this case essentially is tells the device to combine the two surrounding characters into one emoji, yielding the rainbow flag (this is similar to how skin tone modifiers work, but not exactly the same). The text you're copying is actually waving white flag, VS16, zero, rainbow emoji. What I'm assuming is happening is that the phone tries to combine the waving white flag and the zero into an emoji, but this obviously can't be done. Usually the phone wouldn't try to do this, but it notices that the rainbow emoji is also there, and knows that it can combine the white flag and rainbow emoji, so it tries.

Second method works on current iOS versions

The second method is a little bit more complex to reproduce, but works against all iOS versions between 10.0 and 10.2.1.

According to the YouTuber, users have to copy-paste the three characters many times over inside a contact card.

Once they send this contact card to the victim via iCloud's sharing feature, the target's device will crash, even if the victim hasn't manually opened the file.

Apple is expected to release fixes for the bugs. This is not the first time EverythingApplePro has shared iOS-crashing bugs.

In November 2016, the YouTube star shared two videos showing how someone could crash iOS devices via a video link or could bypass passcode protection using Siri.

Related Articles:

iSH - An iOS Linux Shell for Your iPhone or iPad

Method to View Contact Info on a Locked iOS 12.1 Device Disclosed

Apple Fixes Passcode Bypass, RCE Vulnerabilities, and More in Today's Updates.

Scam iOS Fitness Apps Steal Money Through Apple Touch ID

Holding Down Any iOS Keyboard Button Turns It Into a Mouse