A security researcher has found a flaw in iOS that does not allow a user to connect their iPhone to Wi-Fi networks. Carl Schou previously found the bug that triggers when you connect your iPhone to a network with the Service Set Identifier (SSID) “%p%s%s%s%s%n”. The bug seems to disable the Wi-Fi radios on the iPhone, making them inoperable. It does not stop there as the bug further results in making AirDrop unusable. AirDrop requires the user to enable the iPhone’s Wi-Fi and Bluetooth setting.
The same security researcher has found another such bug having the same effect on iPhones. Schou claims that if an iPhone comes in the range of a WiFi network named ‘%secretclub%power’, it will no longer be able to use Wi-Fi.
Seriously, I still don’t have WiFi pic.twitter.com/AaF9IQBvCp
— Carl Schou (@vm_call) July 4, 2021
While one could get the previous issue fixed by resetting their iPhone’s network settings, the new bug might need another way around. The researcher states that this issue persists even after resetting the network settings.
9to5Mac might have found the cause of the issue. It states that ‘%[character]’ syntax is commonly used in programming languages to format variables into an output string. In C, the ‘%n’ specifier means to save the number of characters written into the format string out to a variable passed to the string format function. The Wi-Fi subsystem probably passes the Wi-Fi network name (SSID) unsanitised to some internal library that is performing string formatting, which in turn causes an arbitrary memory write and buffer overflow. This will lead to memory corruption and the iOS watchdog will kill the process, hence effectively disabling Wi-Fi for the user.
In short, to avoid disabling your iPhone’s Wi-Fi connectivity, it is best to not connecting it to a Wi-Fi network having a” %” sign in the name. Apple is yet to acknowledge the issue. There is no official answer to fix the issue either. Therefore, stay away from connecting your iPhone to unknown Wi-Fi networks.
Thanks for reading till the end of this article. For more such informative and exclusive tech content, like our Facebook page