CSS Attacks to Restart iPhone or Freeze a Mac

Windows Articles

Diskpart is a very useful tool for managing storage in Windows 10.

Hello! Diskpart is an internal tool included in Windows systems that allows you to manage storage units. Indeed, it is possible to manage internal...

How To Install MySQL 8.0 On Ubuntu 20.04

Today we are going to learn that how to Install MySQL 8.0 on Ubuntu 20.04. MySQL is one of the most popular and commonly...

How to Update to MIUI 12 via Fastboot

Greetings friends. The new version of the Android-based operating system MIUI 12 released this year, is still being deployed with some devices missing. On...

How to use modprobe command?

The modprobe command is a Linux administration system created for management, visualization, inclusion and exclusion. From loadable modules to kernel. Also, the Module is...

Install Virtualmin on CentOS 8

Hello, friends. In this post, you will learn how to install Virtualmin on CentOS 8. In addition to that, we will leave it ready...

Security is something that that must stay safe all the time, no matter the cost, right? When we first heard about Meltdown and Spectre, we went as far as to disable the cool (dangerous?) features that even slowed our systems down. Now, even the iOS and macOS is susceptible to attacks! Yes, that’s a fact.

We all knew that Apple is the top-class company when we talk about security, right? Now, researchers were able to find out a way to make sure that you would face a glitch while visiting specific websites. These websites only use HTML and CSS.

Jokes aside, let’s get to the real news.

CSS to restart iOS and freeze macOS

It’s sort of surprising, but security researchers were able to perform attacks using HTML and CSS only on iOS and macOS. Fortunately, Windows and Linux users are not affected by the issue. Sabri Haddouche, a security researcher at Wire, discovered this new attack. Using this technique, he was able to quickly hog up all the resources of Apple devices.

According to Haddouche, the weakness lies in the “-webkit-backdrop-filter” CSS property. Using nested DIVS with that property, it’s easily possible to consume all the graphic resources and crash/freeze the OS. There’s no necessity to JavaScript. That’s why it successfully works on other places like Mail.

Unfortunately, iOS is the most susceptible to this attack as well as Safari and Mail in macOS. All of them use the WebKit rendering engine.

Depending on the version of iOS, the attack may cause a UI restart or even a kernel panic and a device reboot. As a demo, Haddouche performed this attack on an iOS 12 and the device rebooted completely whereas an iOS 11.4.1 caused a respring.

Visit a web page and get attacked!

The attack doesn’t require anything especial trick; just only visiting a special CSS and HTML website is more than enough. Here’s the perfect demo of the attack.

Unfortunately, there’s currently no mitigation or solve to this problem. You can keep yourself safe by following basic safety rules like not clicking any random link. The fix will eventually come, though. So, stay sharp!

More articles

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Latest article

Diskpart is a very useful tool for managing storage in Windows 10.

Hello! Diskpart is an internal tool included in Windows systems that allows you to manage storage units. Indeed, it is possible to manage internal...

How To Install MySQL 8.0 On Ubuntu 20.04

Today we are going to learn that how to Install MySQL 8.0 on Ubuntu 20.04. MySQL is one of the most popular and commonly...

How to Update to MIUI 12 via Fastboot

Greetings friends. The new version of the Android-based operating system MIUI 12 released this year, is still being deployed with some devices missing. On...

How to use modprobe command?

The modprobe command is a Linux administration system created for management, visualization, inclusion and exclusion. From loadable modules to kernel. Also, the Module is...

Install Virtualmin on CentOS 8

Hello, friends. In this post, you will learn how to install Virtualmin on CentOS 8. In addition to that, we will leave it ready...
x