New GlyphPatch tweak patches recently exposed DoS exploit in iOS

By , Sep 1, 2013

hi-res ios 6 logo

Filippo Bigarella has released a new jailbreak tweak this weekend called GlyphPatch. The utility patches the recently exposed DoS exploit which targets Safari’s WebKit engine and causes apps to crash when rendering a malicious sequence of characters.

The bug, which was made public last week, affects users on both iOS and Mac and can be triggered through a few different surfaces: SMS, iMessage, the web, and network SSID. But jailbroken iOS users can protect themselves from it with this new tweak…

From the GlyphPatch Cydia description:

On Aug 29th, 2013, a DoS (Denial of Service) exploit targeting iOS / OS X was disclosed. This exploit is based on a vulnerability affecting iOS / OS X characters rendering engines: this tweak aims to patch that vulnerability in order to protect the user from this kind of attacks, since the exploit can be triggered through different surfaces (SMS, iMessage, web, network SSID). 

Admittedly, some of this stuff goes over my head. But the developer behind the discovery has posted a detailed explanation of the bug:

ios-mac bug

It doesn’t sound like the bug affects any other operating systems, or allows anyone else to access your device remotely because of it. It’s just annoying because it can cause your Messages/Safari apps to become unstable, and can stall SSID scanning attempts.

Either way, if you’re concerned about it, you can grab Filippo’s GlyphPatch tweak from Cydia. There’s no settings or options to configure—simply install it from the BigBoss repo and it will take effect. A Mac version of the tweak is in the works, more info here.

  • Share:
  • Follow:
  • Leafs99

    Well I would hope Apple patches this exploit in iOS 7 as it seems to have been already patched in OSX Mavericks.

    • ac3xx

      It is patched in iOS 7, nobody on any developer previews has been affected at all.

      • http://hbang.ws/ Adam D

        Not patched per se, just iOS 7 uses a completely different text rendering system instead of WebKit (which is where the code that causes the crash is).

  • Patrick

    so whats the malicious code to make this happen anyone???

  • Marcus Daniel Houser

    This:
    سمَـَّوُوُحخ ̷̴̐خ ̷̴̐خ ̷̴̐خ امارتيخ ̷̴̐خ

    I think

    • Johnny

      At least I know the tweak works, this page was crashing before I installed the tweak.

      • Marcus Daniel Houser

        yeah I guess a image of it would have been better… not the actual text

      • chumawumba

        It would be funny if you copy and pasted that text into every pages on iDB. Imagine the complaints that would come about how the website did not work.

      • Elias Chao

        I was trying to read the article but I couldn’t on both Chrome & and Safari until I installed the tweak.

    • Jer

      I’m on Safari and viewing this with no crash so….

      • Tony Klapatch

        iOS version?

  • seyss

    it’s a stupid bug that crashes the current app. so far there’s no way to run any virus with it.. test it yourself:

    twitter dot com/daken_/status/303784082599456768

    PS: if you cant make it back to Safari (lol n00b) just clear Safari Cache in Settings

    • mehrab

      Works on ios 7 fine

  • hkgsulphate

    It works! =)

  • ✪ aidan harris ✪

    Is this the same bug that affected Sentry and other jailbreak developers a while back that caused their message apps to screw up and crash big time?

  • abdullah575

    Only for arabic users !!!

  • Schryliam

    Well my settings crash many times when I try to scan for Wi-Fi
    And safari is just gone by me. And then not just blocked or the icon is hid. No just deleted. Totally gone. Got only bookmarks left what I saved on my home screen but when I press them they turn black and become normal again like pressing an app as normal or sometimes a little white flash real quick.
    But don’t guess it’s caused by this

  • https://twitter.com/MrElectrifyer MrElectrifyer

    Really? It’s that easy to make apps crash on iOS/Mac OSX? Just with a block of text? What a solid OS…

    • http://hbang.ws/ Adam D

      Oh no, Apple made an OS that isn’t perfect! An OS having bugs is absolutely unacceptable! Windows doesn’t have any bugs, better switch to that!

      • https://twitter.com/MrElectrifyer MrElectrifyer

        There sure are bugs on Windows, but at least none of them were as simple as viewing a block of text…unlike The world’s most advanced desktop/mobile operating system.

  • Hugh Jassol

    Why was this removed from cydia?

    I don’t see it anymore.