While Android may be targeted by 79% of mobile malware attacks (according to a joint FBI/Homeland Security report), a bug in Apple’s Core Text font-rendering framework could leave apps on iOS 6 and OS X 10.8 “Mountain Lion” open to attack as well.
Habrahabr.ru, a Russian collaborative blog about IT and computer science, uncovered a DoS exploit in Apple’s WebKit engine that enables hackers to remotely crash apps or render them unusable. They do note, however, that the bug does not affect beta versions of iOS 7 and OS X “Mavericks.”
The post—translated into English—explains that the bug can infiltrate iOS 6 and OS X 10.8 systems through a string of SMS texts or iMessages to an iPhone, iPad, iPod touch or Mac. The vulnerability can lead to crashes in iMessage as well as Safari if the strings of messages access and rename the user’s WiFi network.
The Habrahabr report also states that Apple has been aware of the vulnerability for six months without patching the exploit, though that claim has not been verified.