iOS WebKit Vulnerability

RABA Services iOS crash

Recently a security researcher found a vulnerabilities in the WebKit rendering engine used by Safari which will crash / restart your MacOS / iOS devices. Ironically, since Apple forces all browsers / HTML capable apps in the AppStore to use the WebKit, it will most likely crash any apps that capable of loading a web page.

The vulnerability can be exploited by loading a simple web page with a specially crafted CSS code that create a backdrop-filter effect to a series of nested DIV segments. The backdrop-filter is a relatively new CSS property that works by blurring or colour shifting the area behind an element. It is a heavy processing task which by rendering of this effect takes a toll on iOS graphic processing library.

Apple has been notified of this vulnerability and are investigating it. Meanwhile, please be careful before clicking any link.



(this link will redirect you to the page containing the code)


This post is for awareness and learning purposes only, please be aware of the risk that may occur on your device(s).

– BroTech –

Comments are disabled.