- iOS bug was found by ex-NSA security researcher Patrick Wardle
- Bug crashed iOS devices in certain regions every time they typed Taiwan
- Apple has issued a fix with the iOS 11.4.1 update
An iOS bug found by ex-NSA security researcher Patrick Wardle crashed users’ iPhone, iPad, and iPod touch models in certain regions every time they typed Taiwan in iMessage, Facebook, WhatsApp, or any other app, or received the Taiwanese flag emoji. The denial of service bug was live in iOS 11.3 and was seen affecting an iPhone 7 device, but, Apple has issued a fix with the iOS 11.4.1 update released just a few days ago. Wardle notes that while digging into the code for possible problems, he found out that various code to the faulting instruction was checking the user’s device’s language/ locale settings for China.
The bug (CVE-2018-4290) also had a temporary fix, and that was to go and switch your region on the iPhone from China to US, and then switch it back to China. Wardle notes in a blog post documenting the bug, that Apple had added code to remove the Taiwanese flag emoji from the emoji keyboard to appease the Chinese government. Emojipedia also confirms this on its site by saying, “This flag is hidden from the emoji keyboard on iOS devices where the region is set to China. Chinese iPhones won’t display this flag and will instead show a missing character tofu.”
Wardle said the code written to remove the references to the word and the flag emoji was buggy, and is what caused the crash. He added, “And if Apple hadn’t tried to appease the Chinese government in the first place, there would be no bug!”
Apple acknowledges as much in its changelog for CVE-2018-4290, “Impact: Processing an emoji under certain configurations may lead to a denial of service. Description: A denial of service issue was addressed with improved memory handling.” Wardle noted that the bug only affected devices in certain “region-less” configurations.
China is the most populated country and the largest smartphone market in the world, and Apple would put an extra effort to please the large target audience. But this iOS bug brings to light that the company also tries to appease the government on some occasions. “Though Apple loves to exude an aura of ‘users first’, the reality is they are first and foremost a corporation. As such their primary objective is always profit,” Wardle notes.