Fix for ‘chaiOS’ Malicious Link Issue in Messages Coming Next Week

Posted in Apple News, iOS on 19/01/2018 by Chris Hauk


Apple has confirmed that a fix is coming next week for the “chaiOS” issue that allows a malicious link to freeze the Messages app on iOS devices.

Fix for 'chaiOS' Malicious Link Issue in Messages Coming Next Week


A software update coming next week will fix an issue that allows a malicious link to freeze the Messages app on the iPhone and iPad, Apple confirmed to MacRumors this morning. 

Apple is likely talking about iOS 11.2.5, which is nearing the end of the beta testing period. iOS 11.2.5 beta 6, as we discovered yesterday, does indeed address the issue and prevents the malicious link from working. 

The public release of iOS 11.2.5 is expected to happen next week. We should also see the public release of macOS High Sierra 10.13.3, watchOS 4.2.2, and tvOS 11.2.5 at the same time.

Users who receive the link in the in their Messages app see the app freeze completely. Users then have to quit the app and then delete the conversation that contains the malicious app in order to allow the Messages app to recover. Users need not actually tap on the link to open it to cause the crash, due to Messages’ URL preview functionality.

The malicious link went to a page on GitHub, but the malicious page has been taken down. This should prevent any issues based on this software flaw, unless someone else posts a similar page and begins sending the link out. Watch out for texts from any particularly mischievous users in your contact lists, or from unknown parties.


Chris Hauk

MacTrast Senior Editor, and self-described "magnificent bastard," Chris Hauk owns Phoenix Rising Services and writes for everyone's favorite "bad movie" website, Big Bad Drive-In.

His first Apple product was an iPod Classic 9 years ago, and he has since added a MacBook Pro, a number of iPads, iPhones, and multiple Apple TVs to his collection.

He lives somewhere in the deep Southern part of America. Yes, he has to pump in both sunshine and the Internet.