Google’s Project Zero exists to search out zero-day vulnerabilities such as the yet to be fixed Windows 10 security bomb I wrote about recently. Nevertheless, it’s not just Microsoft that comes under scrutiny from the Google security researchers: a vulnerability in Apple’s iMessage has been discovered that “bricks” an iPhone and survives hard resets, leaving users having to wipe the system and start factory fresh again.
The iMessage text bombing zero-day was disclosed by Google Project Zero researcher Natalie Silvanovich, who describes how the malformed message vulnerability can cause a Mac to “crash and respawn.” However, as Silvanovich notes in her disclosure, “on an iPhone, this code is in Springboard. Receiving this message will cause repeatedly respawn, causing the UI not to be displayed and the phone to stop responding to input.” In other words, receiving this text bomb via iMessage creates a situation that survives a hard reset and causes the iPhone to be unusable from the moment it’s unlocked. “The one way I could discover to repair the phone is to reboot into recovery mode and do a restore,” Silvanovich mentioned, continuing “this causes the data on the unit to be lost though.”
If you haven’t turned on the automated software update feature in iOS 12, then I recommend that you do. That way you possibly can ensure that issues like the iMessage text bomb iPhone bricker won’t affect you. Open the Settings app, navigate to the General section, after which select the software update option. Toggle the automated updates button to on, and you’re sorted. However, I’ll say it anyway: if you’re not but running iOS 12.3, then you actually should update as a matter of urgency now that the iMessage bricking technique has been made public. There will always be some issues about updating to a brand new model of any operating system, and the forthcoming iOS 13 is not immune to those, however updating makes extra sense than not if you wish to reduce the risk of falling victim to known security issues that would make your iPhone unusable.