Apple rolls out iOS, tvOS, macOS & watchOS update to fix Telugu 'text bomb' - <b>Technical Lobby</b>

Tuesday, February 20, 2018

Apple rolls out iOS, tvOS, macOS & watchOS update to fix Telugu 'text bomb'

Apple has always been quick in releasing updates if it encounters any bug on any of its platforms. This time too it has rolled out an update for all its platforms for the Telugu 'text bomb' within a few days since its discovery. The Cupertino-based tech firm has not just rolled out an update for iOS (iPhone and iPad) but has also fixed watchOS, tvOS and macOS.
Apple rolls out iOS, tvOS, macOS & watchOS update to fix Telugu 'text bomb'

The update brings the versions iOS 11.2.6, watchOS 4.2.3, tvOS 11.2.6 and macOS High Sierra 10.13.3. There’s no big change mentioned in the change log for these updates. However, what is common in all of them is that it fixes an issue where using certain character sequences could cause apps to crash.

The iOS version additionally mentions “Fixes an issue where some third-party apps could fail to connect to external accessories.”

To recall, some Apple users recently found a bug in the form of a character from the Indian Telugu alphabet. The character corrupted the device if it was received in a message, in a document or pasted into text field.

It supposedly crashed any app in which it was displayed and rendered them 'unworkable'. The affected apps included not just messaging apps like WhatsApp and Facebook Messenger but also others like Gmail and Twitter. These apps reportedly crashed and continued to close each time the user tried to restart them.

Also mentioned was that if users got the particular character in a notification on the handset, it could block the iPhone's entire Springboard (the system software that manages the Home).
Apple rolls out iOS, tvOS, macOS & watchOS update to fix Telugu 'text bomb'
This Telugu letter is pronounced as 'gya' or 'Gna/gnya'.
In the macOS High Sierra 10.13.3 supplemental update page Apple clearly mentions what could be the reason for the crash:

-Impact: Processing a maliciously crafted string may lead to heap corruption

-Description: A memory corruption issue was addressed through improved input validation.

-CVE-2018-4124: an anonymous researcher
Post a Comment