Bats Can No Longer Haunt Apple VR Headsets Via Web Exploit

The article discusses an intriguing bug discovered in the visionOS operating system, which allows malicious websites to fill a user’s 3D space with animated objects such as screeching bats or spiders. This bug exploits the Apple AR Quick Look feature, an HTML-based tool for rendering 3D augmented reality content in Safari. The unique aspect of this bug is that it launches these animated objects into a user’s virtual space without any user interaction, and closing the browser does not remove them due to Quick Look being a separate process.

This bug, though fixed, raises questions about the implications of such unexpected behavior in immersive 3D content delivered via web browsers, especially on VR headsets like the Apple Vision Pro. While it may not fit traditional classifications such as denial-of-service or privilege escalation, the invasion of personal space and user boundaries could potentially have significant psychological impacts. As these new platforms evolve, the quantification of such effects may become a crucial aspect of bug classification and mitigation.

.st1{display:none}See more