Incident: iOS Devices Crash Due to Malicious Video Bug in Safari

Published Date: 2016-11-22

Postmortem Analysis
Timeline
1. The software failure incident with the malicious video crashing iPhones and iPads happened earlier this year [49482]. Therefore, the incident likely occurred in 2016.

System
1. Apple's iOS operating system failed to handle the problem caused by a corrupt video file when opened in Apple's Safari web browser, leading to devices slowing down and eventually grinding to a halt [49482].

Responsible Organization
1. The malicious video hosted on a Russian social networking site, Miaopai, was responsible for causing the software failure incident on Apple's iOS devices [49482].

Impacted Organization
1. Apple (iOS devices) [49482]

Software Causes
1. The software cause of the failure incident was a corrupt video file hosted on a Russian social networking site, Miaopai, which triggered a memory leak chain when opened in Apple's Safari web browser, leading to the device slowing down and eventually crashing [49482].

Non-software Causes
1. The malicious video hosted on a Russian social networking site, Miaopai, was a non-software cause of the failure incident [49482].
2. The corrupt file in the form of a short .mp4 clip with the word 'Honey' written across the screen was another non-software cause of the failure incident [49482].

Impacts
1. The software failure incident caused iPhones and iPads to slow down and eventually grind to a halt after just 30 seconds when playing a specific malicious video hosted on a Russian social networking site [49482].
2. The glitch resulted in a memory leak chain when the corrupt video file was opened in Apple's Safari web browser, leading to the device freezing and becoming unresponsive [49482].
3. Users had to perform a force reboot of their devices to resolve the issue, with different methods for older and newer iPhone models [49482].
4. The incident did not have any reported long-term effects on the devices [49482].
5. The software failure incident affected various versions of iOS, stretching back to iOS 5 released in 2011, impacting a wide range of iPhone and iPad models [49482].

Preventions
1. Implementing stricter file validation checks to prevent corrupt files from causing memory leaks when opened in the Safari web browser [49482].
2. Conducting thorough security testing and vulnerability assessments on the Safari browser to identify and mitigate potential risks associated with malicious videos or files [49482].
3. Enhancing the error handling capabilities of the iOS operating system to better manage and recover from memory leaks or unexpected behaviors triggered by corrupt files [49482].
4. Providing timely software updates and patches to address known vulnerabilities and bugs, ensuring that users are protected from emerging threats like the iPhone-freezing video [49482].

Fixes
1. A force reboot of the device should resolve the issue. On older iPhones, a force reboot is activated by pressing and holding the home and lock buttons together for around ten seconds. On newer models like the iPhone 7, simply press and hold the lock and volume-down buttons together [49482].

References
1. The Next Web [49482]
2. Everything Apple Pro [49482]

Software Taxonomy of Faults

Category Option Rationale
Recurring one_organization (a) The software failure incident of a malicious video crashing iPhones and iPads has happened again at Apple. Earlier in the year, Apple faced a similar bug on its iOS devices through Safari, where a bug froze some Apple devices. Users worldwide experienced the issue on both iPhones and iPads. Apple rapidly resolved the previous issue within a few days, and they will likely be keen to address this new bug quickly as well [49482]. (b) The software failure incident of the malicious video crashing iPhones and iPads has not been reported to have happened at other organizations or with their products and services.
Phase (Design/Operation) design (a) The software failure incident related to the design phase: The incident of the malicious video crashing iPhones and iPads is attributed to a bug in Apple's iOS operating system when handling a corrupt video file opened in Safari. The bug causes a memory leak chain, leading to devices slowing down and eventually halting. This bug was not specific to any particular iOS version, affecting devices back to iOS 5 released in 2011 [49482]. (b) The software failure incident related to the operation phase: The failure due to operation or misuse of the system is not explicitly mentioned in the provided article.
Boundary (Internal/External) within_system (a) within_system: The software failure incident, in this case, the bug causing iPhones and iPads to crash when playing a specific video, is primarily within the system. The bug is triggered by a corrupt video file that initiates a memory leak chain when opened in Apple's Safari web browser, leading to the device slowing down and eventually halting [49482]. The issue originates from how the iOS operating system handles the corrupt file, indicating an internal system flaw rather than an external factor.
Nature (Human/Non-human) non-human_actions, human_actions (a) The software failure incident in the article is related to non-human_actions. The bug was triggered by a malicious video hosted on a Russian social networking site, Miaopai. Playing the video caused devices to slow down and eventually grind to a halt due to a corrupt file starting a memory leak chain when opened in Apple's Safari web browser. The incident did not involve any direct human actions but rather a corrupt video file causing the issue [49482]. (b) The software failure incident in the article was not directly caused by human actions. However, users were advised on how to fix the issue by performing a force reboot of the device, which is a human action to resolve the glitch. Additionally, users worldwide experienced the issue on both iPhones and iPads, prompting suggestions like turning off 'Safari Suggestions' in settings to mitigate the problem. Apple engineers were also mentioned to be working on developing a new patch to fix the bug, which involves human actions to address the issue [49482].
Dimension (Hardware/Software) hardware, software (a) The software failure incident reported in the articles is primarily due to contributing factors that originate in hardware. The incident involves a malicious video that, when played on iOS devices, causes them to slow down and eventually crash. The video is described as a corrupt file that triggers a memory leak chain when opened in Apple's Safari web browser, leading to the devices grinding to a halt [49482]. (b) The software failure incident also has contributing factors that originate in software. The bug is described as a glitch in Apple's iOS operating system that fails to handle the problem caused by the corrupt video file, resulting in the devices slowing down and crashing. This indicates a software issue within the iOS operating system that is exploited by the corrupt video [49482].
Objective (Malicious/Non-malicious) malicious (a) The software failure incident described in the articles is malicious in nature. The incident involves a malicious video circulating on the web that is designed to crash almost any model of iPhone or iPad when played. The video is hosted on a Russian social networking site and is a corrupt file that triggers a memory leak chain when opened in Apple's Safari web browser, causing the devices to slow down and eventually grind to a halt. The incident is intentional and aimed at disrupting the normal functioning of Apple devices [49482].
Intent (Poor/Accidental Decisions) poor_decisions (a) The software failure incident related to the malicious video crashing iPhones and iPads can be attributed to poor_decisions. The incident was caused by a corrupt video file hosted on a Russian social networking site that triggered a memory leak chain when opened in Apple's Safari web browser, leading to devices slowing down and eventually grinding to a halt [49482]. This indicates that the glitch was a result of poor decisions in terms of handling corrupt files and memory management within the iOS operating system.
Capability (Incompetence/Accidental) accidental (a) The software failure incident related to development incompetence is not explicitly mentioned in the provided article. Therefore, it is unknown if the incident was due to factors introduced by lack of professional competence. (b) The software failure incident was accidental in nature. The incident was caused by a malicious video circulating on the web that would crash almost any model of iPhone or iPad when played. The video was a corrupt file triggering a memory leak chain when opened in Apple's Safari web browser, leading to devices slowing down and eventually halting. The issue was not intentional but accidental, as users were not aware that playing the video would cause their devices to crash [49482].
Duration temporary The software failure incident related to the malicious video crashing iPhones and iPads is temporary. The incident causes devices to slow down and eventually grind to a halt after just 30 seconds of playing the video. However, a force reboot of the device is reported to resolve the issue, and no long-term effects have been reported [49482].
Behaviour crash, other (a) crash: The software failure incident described in the articles is a crash. Playing a malicious video on iOS devices causes them to slow down and eventually grind to a halt after just 30 seconds, leading to a system crash [49482]. (b) omission: There is no specific mention of the software failure incident omitting to perform its intended functions at an instance(s) in the articles. (c) timing: The software failure incident is not related to the system performing its intended functions correctly but too late or too early. (d) value: The software failure incident is not related to the system performing its intended functions incorrectly. (e) byzantine: The software failure incident is not related to the system behaving erroneously with inconsistent responses and interactions. (f) other: The behavior of the software failure incident is a crash, where the system loses state and fails to perform any of its intended functions as a result of playing a specific malicious video [49482].

IoT System Layer

Layer Option Rationale
Perception None None
Communication None None
Application None None

Other Details

Category Option Rationale
Consequence unknown (a) death: People lost their lives due to the software failure (b) harm: People were physically harmed due to the software failure (c) basic: People's access to food or shelter was impacted because of the software failure (d) property: People's material goods, money, or data were impacted due to the software failure (e) delay: People had to postpone an activity due to the software failure (f) non-human: Non-human entities were impacted due to the software failure (g) no_consequence: There were no real observed consequences of the software failure (h) theoretical_consequence: There were potential consequences discussed of the software failure that did not occur (i) other: Consequences of the software failure not described in options (a) to (h). The software failure incident described in the articles did not result in any of the consequences mentioned above. The incident primarily caused devices to slow down and eventually grind to a halt after playing a specific malicious video, but there were no reports of any serious physical harm, loss of life, impact on basic needs, property damage, or significant delays. Additionally, there were no non-human entities mentioned to have been impacted by the software failure. The main consequence was the inconvenience caused to users of Apple's iOS devices.
Domain information (a) The software failure incident reported in the articles is related to the information industry, specifically affecting Apple's iOS devices like iPhones and iPads. The incident involved a malicious video that caused devices to slow down and eventually grind to a halt when played on Apple's Safari web browser [49482]. The bug was triggered by a corrupt video file leading to a memory leak chain, impacting the performance of the devices [49482]. (b) There is no information in the articles indicating that the software failure incident is related to the transportation industry. (c) There is no information in the articles indicating that the software failure incident is related to the natural resources industry. (d) There is no information in the articles indicating that the software failure incident is related to the sales industry. (e) There is no information in the articles indicating that the software failure incident is related to the construction industry. (f) There is no information in the articles indicating that the software failure incident is related to the manufacturing industry. (g) There is no information in the articles indicating that the software failure incident is related to the utilities industry. (h) There is no information in the articles indicating that the software failure incident is related to the finance industry. (i) There is no information in the articles indicating that the software failure incident is related to the knowledge industry. (j) There is no information in the articles indicating that the software failure incident is related to the health industry. (k) There is no information in the articles indicating that the software failure incident is related to the entertainment industry. (l) There is no information in the articles indicating that the software failure incident is related to the government industry. (m) The software failure incident is not related to any of the industries mentioned in options (a) to (l).
