Malformed iMessage Can Brick iPhone
Project Zero, Google's 'bug and vulnerability-discovery team', has published details about a vulnerability that can brick an iPhone, with the only option left for users being to wipe their device (losing all data) and start over with factory settings.
Natalie Silvanovich, the Project Zero researcher who found the vulnerability, writes that a malformed message "is sent containing a property with key with a value that is not a NSString." The device looks for a string, when there isn't one. The expected string is, in fact, an NSNumber, "which throws an exception as the selector does not exist in that class."
This issue on a Mac will cause 'soagent' to crash and respawn, whereas on an iPhone it will crash and respawn repeatedly. Along with this, the phone stops responding to user commands and the UI is no longer displayed. Silvanovich was unable to perform a hard reset and found that the phone is unusable once it is unlocked. The only way around this was to "reboot into recovery mode and do a restore. This causes the data on the device to be lost though."
Project Zero's policy is to give the vendor - in this case, Apple - 90 days 'warning'. Silvanovich did just that, publishing her April 19 bug report this week. Apple acted swiftly when they received the report in April and had a patch ready as part of the iOS 12.3 release on May 13.
If you haven't already done it, make sure your iPhone is up to date!
. . .
If you want to stay notified of vulnerabilities that affect you, register for a weekly security report customised to your stack.
