Home
Mobiles
Mobiles News
iOS 11 Bug Lets Camera QR Code Reader Redirect s to Malicious Websites: Report

iOS 11 Bug Lets Camera QR Code Reader Redirect s to Malicious Websites: Report 331u1s

By Ankit Chawla | Updated: 26 March 2018 18:20 IST

Highlights

The bug arises as a miscommunication between camera app and Safari
URL in notification preview can be different from actual link
The vulnerability was reported to Apple in December last year

ment

Another day, another QR codes and show link previews in case the QR code contains a URL. However, reports have surfaced online that suggest this feature has an apparent bug that can allow people to change the actual URL that is redirected on clicking the link shown in the notification preview. 1l3y2j

A report by InfoSec Safari. For instance, the report uses facebook.com as the front and the actual URL is https://xxx\@facebook.com:[email protected]/. Scanning the custom QR code will display facebook.com in the notification but clicking on it will open a website not linked with the social media giant. This is said to be because "The URL parser of the camera app has a problem here detecting the hostname in this URL in the same way as Safari does."

This, in turn, is said to cause a miscommunication between the camera app and Safari leading to an evidently major bug. The report claims that Apple was first informed about the bug back on December 23 last year, but as of writing this, the bug has not yet been taken down.

This is not the first instance when iOS 11 has been caught up in a major UI bug incident. Just recently, a privacy vulnerability responded and promised a fix in an software update.

Comments

For the latest reviews, follow Gadgets 360 on X, Facebook, WhatsApp, Threads and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel. If you want to know everything about top influencers, follow our in-house Who'sThat360 on Instagram and YouTube.