Skip to main content

iPhone Owners Have Another Phone-Crashing Bug To Worry About

You might want to avoid opening any videos on your iPhone for a while.

A newly discovered bug allows a five-second video, which is believed to have some kind of memory leak, to crash any iPhone just a few seconds after you watch it on your device. The display no longer responds, the home button stops working, and even the power button won't have any effect on affected devices. The only way to unfreeze a phone so indisposed is to perform a hard restart by holding down several buttons on the device at the same time.

Tom's Hardware tested the bug on an iPhone 7 running the latest version of iOS. Playing the video using the iPhone's default media player doesn't appear to cause any problems, but opening a link to the video in Safari brought our test subject to a halt, which also means we can confirm that a hard restart solves the problem. (We won't link directly to the video that causes this problem, but it's easy to find with even a cursory Web search.)

This isn't the first time a bug has brought the iPhone to its knees, and it probably won't be the last. Although some people might view the glitch as the perfect way to prank someone--it doesn't cause permanent damage, after all, and requires little effort--it actually highlights just how easy it is to disrupt someone's access to vital services. An iPhone is more than just an entertainment device; it's a central aspect of many people's everyday lives.

The popular idea of a "hacker" involves someone hunched over a laptop writing complex malware to exploit previously unknown vulnerabilities. Most of the time that isn't the case: Attacks often involve little more than basic technical skills. Sometimes that involves using readily available tools to bring down one of the internet's biggest DNS providers, for example, or accessing Internet of Things devices that use default usernames and passwords.

Even cautious people can fall prey to these attacks. Receiving a link to a video isn't all that strange, especially if it comes from a number someone recognizes, and the effects of watching this particular clip on an iOS device aren't immediately obvious. The iPhone is a mostly secure device, but even seemingly innocuous glitches like this can make it easy for someone to disrupt another person's connection to the outside world with naught but a link.

All of which makes it easy to question the attention this bug has gotten. Wouldn't it be better to quietly disclose the problem to Apple, wait for the issue to be fixed, and then make it public? That's how responsible disclosure usually works: Someone finds a problem with a product, reports it to the company responsible for securing that product, and then gives them some time to address the issue before revealing the exploit to the public.

But the publicity of this glitch might actually be a good thing. In addition to all but ensuring that Apple will respond to the problem, it also provides the perfect opportunity to learn some basic security practices. This is a basic vulnerability that doesn't appear to put any personal information at risk, takes a few seconds to resolve, and will probably be fixed sooner rather than later. Better to learn not to open links from strangers, or those that lead to unfamiliar websites, as a result of this glitch than to be affected by more sophisticated attacks meant to gather as much data or cause as much harm as possible.