Only a couple of weeks after the initial iPhone Wi-Fi bug was found, the same security researcher Carl Schou has found another similar issue.
Schou tweeted today that if an iPhone comes in range of a Wi-Fi network named ‘%secretclub%power’, then that iPhone will no longer be able to use Wi-Fi or Wi-Fi related features. Schuo even says that this bug persists when resetting network settings.
It seems the only workaround for this particular issue would be a hard factory reset of the device. 9to5Mac did not independently test this, nor do we recommend others try.
The earlier issue relied on the iPhone encountering a network name with the SSiD “%p%s%s%s%s%n” and the user attempting to connect to it. However, that bug was fixable by resetting iPhone network settings in the Settings app. This new problem appears more severe as it can trigger as soon as the iPhone comes in range of a malicious public Wi-Fi hotspot using that poisoned name.
Clearly, the underlying bugs are related as both ‘%secretclub%power’ and ‘%p%s%s%s%s%n’ exploit a string format coding error somewhere in the underlying iOS networking stack.
At this point, it seems likely that there are many more variants of bug-inducing network names that use the ‘%s’, ‘%p’ and ‘%n’ character sequences. You can read our previous coverage for a guess at what might be happening behind the scenes here.
From the perspective of an individual user, the best safety precaution is to simply avoid connecting to Wi-Fi networks that contain percent symbols in their name. Then wait for the inevitable software update where Apple will fix the OS bug that is causing the denial of service.
Author: Benjamin Mayo
Source: 9TO5Google
