Reverse engineering specialist Carl Schou has identified a bug in the iPhone system software, due to which, when connected to an access point with a specific name, the Wi-Fi module built into the smartphone is disrupted. It is noteworthy that neither rebooting the device nor changing the network name helps to restore functionality.
According to reports, Carl Schou experimentally created a Wi-Fi hotspot named “% p% s% s% s% s% n” and tried to connect to it. It turned out that after passing the authentication, his iPhone simply automatically turned off the Wi-Fi function and did not allow it to be reactivated. The performance of the wireless adapter did not recover even after restarting the smartphone.
“After connecting to my personal Wi-Fi with SSID ‘% p% s% s% s% s% n’; my iPhone disabled the Wi-Fi function permanently. Neither rebooting nor changing the SSID will correct the situation, ” Carl Schou wrote on Twitter. This experiment used an iPhone XS running iOS 14.4.2. The source notes that the presence of the bug has been confirmed on iPhones with iOS 14.6, the Wi-Fi function on it also turned off when connected to an access point with the previously mentioned name.
The only way to restore Wi-Fi functionality in this case is to reset the network settings on the iPhone to factory defaults. The detected bug is quite serious; since it can be in use by cybercriminals to launch such access points in crowded places for the purpose of sabotage.
After joining my personal WiFi with the SSID “%p%s%s%s%s%n”, my iPhone permanently disabled it’s WiFi functionality. Neither rebooting nor changing SSID fixes it :~) pic.twitter.com/2eue90JFu3
— Carl Schou (@vm_call) June 18, 2021
Older iPhones received a security update
Recently, Apple has unexpectedly released an operating system update for those iPhones and iPads; that are already too old and do not support iOS 14 or even iOS 13. The new version of the software address security vulnerabilities in Apple.
iOS 12.5.4 will not provide users of older smartphones and tablets with additional functions; this is a “patch” for eliminating critical vulnerabilities – potential targets for hacker attacks. Devices compatible with the new software include the iPhone 5S, iPhone 6, and iPhone 6 Plus; as well as the sixth-generation iPod touch, the first iPad Air, iPad Mini 2, and iPad Mini 3.
According to Apple, build 16H50 removes code from the operating system with a hidden vulnerability that could potentially lead to memory corruption. Additionally, it fixes two shortcomings of the WebKit browser engine; which allowed attackers to use malicious web content to launch arbitrary programs on a smartphone. According to Apple, both vulnerabilities “could be actively exploited”. In any case, all owners of older Apple products should check in the settings for an update; and install it immediately.
This isn’t the first security update Apple has released for older devices. In May, the company released iOS 12.5.3 to “cure” some memory corruption issues and optimize the system; iOS 12.5.2 was available in March, and iOS 12.5.1 in January.