iOS is generally considered to be secure, but a recently-discovered bug that disables the Messages app reveals that not even Apple’s mobile operating system is free from vulnerabilities.
The exploit, discovered by software developer Vincedes3, involves a complex vCard, which is a transferable Address Book contact. Whereas typical vCards feature 200-300 lines of code, the developer’s vCard reportedly includes 14,281. As a result, when Messages tries to open the vCard, the app crashes.
These crashes are not a one-time event, unfortunately — they happen every time you open Messages, since the app tries to open the most recent message. As such, restarting the phone or the app will not work, since the cycle will repeat itself.
If you use an iOS device and are affected by the exploit, Vincedes3 does offer two possible solutions, the first being to open this link in Safari. The link opens a window to send a new message, cancel, and delete the message that led to the Messages crash. Alternatively, you can send yourself a message and open it through Siri. This brings you back to the Messages app and lets you delete the culprit message.
According to Vincedes3, the exploit affects any iOS device that runs iOS 8 through 10. Given the nature of the exploit, as well as the numerous reports, odds are that Apple will push out a fix relatively quickly. In the meantime, it would be wise to not open any vCards until that fix arrives.
The exploit brings to mind the one discovered in May 2015, which brought the Messages app to its knees with a string of characters. It has since been fixed, but Apple’s workaround at the time involved asking Siri to “read unread messages” and to reply to the message. Once that is done, you could go in and delete the offending message.
