A security researcher discovered a bug in iOS on Wednesday that can cause iPhones and iPads to briefly crash when a specific sequence of four characters is typed into certain search bars. The bug affects the Apple mobile user interface known as Springboard.
The bug is triggered by typing “”:: into specific search fields on iOS devices. However, it has been noted that only the first three characters “”: are actually necessary, with any fourth character causing the crash, TechCrunch added. When these characters are entered, Springboard briefly crashes, causing the device to reload to the lock screen.
Free Webinar on Detecting & Blocking Supply Chain Attack -> Book your Spot
The bug has been verified to occur in two specific locations:
- The Search bar in the Settings app.
- The App Library search bar (accessed by swiping to the right on the home screen).
Some users have reported that the bug causes the screen to flash black for a second, while others have experienced the Settings app closing or Spotlight returning to the Home Screen.
Interestingly, the bug’s effects seem to vary depending on the device and iOS version:
- Some users report only Settings and Spotlight crashing
- Others have found that it also crashes the App Library
- Devices running iOS 18.1 developer beta and iOS 17.6.1 have shown mixed results.
As of now, Apple has not commented on the issue or provided a fix. However, the company typically addresses such problems quickly through iOS updates.
While this bug is not as severe as previous text-based issues like the 2015 “Effective Power” bug, users can avoid triggering it by refraining from typing these specific characters into the affected search bars. It’s worth noting that this sequence of characters is not commonly used in everyday typing, minimizing the likelihood of accidental triggering.
As Apple continues to investigate and work on a solution, users should remain aware of this quirk in iOS but can rest assured that it does not pose a significant threat to their device’s security or functionality.
Are you from SOC and DFIR Teams? Analyse Malware Incidents & get live Access with ANY.RUN -> Get 14 Days Free Acces