iOS Security News: iPhone Users Warned of 'chaiOS' Link That Freezes Devices; Fix Arrives Next Week

By Jessica Ferrera, Christian Post Contributor

iPhone users were recently warned about a website link being sent around through iMessage that could freeze or automatically restart their device. Apple has now identified the issue and a fix is promised to arrive next week.

The security flaw, which is now referred to as chaiOS, was originally discovered and tested by software developer Abraham Masri.

The vulnerability specifically works against the Messages app when exploited. When website links arrive through Messages, the application is programmed to preload the page, which is why a user can view its thumbnail even before opening or clicking on it.

Get Our Latest News for FREE

Subscribe to get daily/weekly email with the top stories (plus special offers!) from The Christian Post. Be the first to know.

Masri told BuzzFeed he had created a page hosted on GitHub where he placed "hundreds of thousands of characters" in its metadata. This amount of information was obviously way more than what the Messages app was built to recognize, which explains why the modified link and page crashed the application and even forced the entire device to reboot.

Several people who have tried receiving the chaiOS link confirmed that it really caused the Messages app to freeze. It also resulted in several other issues such as a phone reboot or respring. The latter process refers to when an iPhone is unable to complete a function and the device ends up showing the lock screen.

One of the people who tried the chaiOS link, Twitter user @aaronp613, also told BuzzFeed: "The device will freeze for a few minutes. Then, most of the time, it resprings." He added that after receiving the link, his Messages app continued crashing while its contents were unable to load.

Meanwhile, Masri's repository for the webpage has reportedly been taken down.

As of the moment, the fix for the chaiOS is only available for the iOS 11.2.5 beta 6 that is still limited to a developer release. While waiting for the public version of the patch, reports listed several ways to fix an iPhone that was sent a chaiOS link which included blocking the GitHub.io domain on Safari and performing a factory reset.

Was this article helpful?

Help keep The Christian Post free for everyone.

By making a recurring donation or a one-time donation of any amount, you're helping to keep CP's articles free and accessible for everyone.

$25/month$50/quarter$100/yearOne-time

We’re sorry to hear that.

Hope you’ll give us another try and check out some other articles. Return to homepage.

Most Popular

More Articles