Latest iOS 14.7 Beta Patches Bug That Disables iPhone's Ability to Connect to Wi-Fi

The latest beta for iOS and iPadOS 14.7, released to developers this week, patches a bug that disabled an iPhone's ability to connect to Wi-Fi if a user connected to a specific Wi-Fi network with the name "%p%s%s%s%s%n."

ios wifi settings
In his latest video rounding up the latest changes in the beta, YouTuber Zollotech found that the update has silently patched the bug that caused an iPhone to become unable to connect to Wi-Fi networks.

The bug was discovered on Twitter last month and consisted of an ‌iPhone‌ connecting to a Wi-Fi SSID with the name "%p%s%s%s%s%n." According to user reports, doing so would "permanently disable" an ‌iPhone‌'s Wi-Fi functionality, making the bug rather dangerous.

While some have claimed the bug "permanently" disabled their ‌iPhone‌'s Wi-Fi, other users found that resetting their network settings after connecting to the network restored Wi-Fi for the ‌iPhone‌.

Apple has been testing iOS and iPadOS 14.7 with developers and public beta testers for the past few weeks. Apple can be expected to publicly release the update soon, given the crucial bug fix that it provides to ‌iPhone‌ user.

Last month, Apple previewed iOS 15, the next major update to iOS destined for a public launch this fall. The upcoming update to iOS 14 will likely be the last major update to the operating system ahead of ‌iOS 15‌'s fall release.

Top Rated Comments

CarlJ Avatar
15 weeks ago
Sigh. Never use data from external sources without sanitizing it first, and never hand arbitrary data to printf and friends as a template string - sure, it'll work most of the time... but then this.

This is not esoteric guru stuff, it's programming 101 (okay, maybe 201).
Score: 7 Votes (Like | Disagree)
DeepIn2U Avatar
15 weeks ago

COVID will never truly go away, just getting controlled. Just saying.

As for “dangerous”, if a mere resetting network setting could fix it, then it is not so “dangerous”. Inconvenient sure but “dangerous” is slightly over the board.
https://www.forbes.com/sites/gordonkelly/2021/07/06/apple-iphone-wifi-security-hack-ios-iphone-upgrade/?sh=4351967e2b86


The Increased Damage

The first development came via Carl Shou, the reverse engineer who initially discovered the hack ('https://www.forbes.com/sites/gordonkelly/2021/06/20/apple-iphone-warning-wifi-vulnerability-exploit-new-iphone-problem/'). Shou found that joining WiFi networks with specific symbols in their name (SSID) could disable any iPhone’s WiFi until the phone’s network settings were reset. Shou has subsequently managed to increase the damage this hack does ('https://twitter.com/vm_call/status/1411630091038203909'), with WiFi only being restored from a custom factory reset where the iPhone backup file is manually edited to remove malicious entries ('https://twitter.com/vm_call/status/1411753482437148683').


Fears had already been expressed ('https://www.forbes.com/sites/gordonkelly/2021/07/03/apple-iphone-security-warning-airborne-attack-threat-new-iphone-exploit/') that this hack - known as a format string flaw - could be amplified. The end game being to use it to inject and execute malicious code onto devices and even whole networks.

The Hidden Threat

The flip side to this escalating threat, was that iPhone owners would have to join a strangely named WiFi network to be hacked. But the second development suggests this may no longer be the case.
originally reported from above link:

https://www.forbes.com/sites/gordonkelly/2021/07/03/apple-iphone-security-warning-airborne-attack-threat-new-iphone-exploit/?sh=820e3d454ae9


Following revelations last month that all iPhones are vulnerable to a simple WiFi hack ('https://www.forbes.com/sites/gordonkelly/2021/06/20/apple-iphone-warning-wifi-vulnerability-exploit-new-iphone-problem/'), new research ('https://www.aireye.tech/post/the-apple-format-string-bug-from-a-silly-prank-to-an-airborne-attack') from Amichai Shulman, CTO of wireless security specialist AirEye, has claimed this type of threat is potentially more dangerous than was first reported and can also spread to macOS.


“Our response research on the format string flaw revealed that the vulnerability is not only restricted to the iOS operating system,” states Shulman. “It also has the potential to affect the macOS operating system used by many corporations for employee stations.”


“The nature of format string vulnerabilities is that when carefully crafted they can be used to write arbitrary code into random, or chosen, parts of a machine’s memory - and even eventually inject and execute code,” Shulman explains. “Since it is possible for the vulnerable iOS and macOS devices to be connected to the larger corporate network, this code can eventually be used for lateral movement even if it only stemmed from an employee accidentally joining an unknown SSID. Once the malicious code has infiltrated a device on the network, it can exploit corporate data without the need to ‘access the network first’ in the typical ways.”
I'd say it's dangerous enough for Apple to consider it important to patch.
Score: 2 Votes (Like | Disagree)
TheYayAreaLiving Avatar
15 weeks ago
Hopefully it’s out in public next week.
Score: 2 Votes (Like | Disagree)
polyphenol Avatar
15 weeks ago
Saved! I really don't know how I have survived with that bug in 14.6.

Yes - I do realise some people might really have a problem but I suspect the other things in 14.7 are likely far more important to the majority.
Score: 2 Votes (Like | Disagree)
Apple_Robert Avatar
15 weeks ago

My setting will ASK if I want to join any unknown WIFI, so in theory, My phone should be save from this big … yes?
As long the phone prompts for a reply and you don't mess up the reply, you should be fine. The chances of you coming across a public WiFi name that messes up your phone is less than a percent, in my opinion.
Score: 2 Votes (Like | Disagree)
Shirasaki Avatar
15 weeks ago

No this is actually quite important! Glad Apple coding team has made fast work of this - considering more and more of us are now fully able to explore our communities and world again. buy-bye pandemic.
COVID will never truly go away, just getting controlled. Just saying.

As for “dangerous”, if a mere resetting network setting could fix it, then it is not so “dangerous”. Inconvenient sure but “dangerous” is slightly over the board.
Score: 2 Votes (Like | Disagree)

Related Stories

apple releases ios 14 7

Alert: Update to iOS 14.7 Now to Protect Against Dangerous Wi-Fi Bug

Wednesday July 21, 2021 4:13 am PDT by
iPhone users should upgrade to iOS 14.7 immediately to avoid a dangerous bug that disabled the device's Wi-Fi, sometimes irreversibly. Before iOS 14.7, if a user connected to a Wi-Fi network with the name "%p%s%s%s%s%n," a bug completely disabled the device's ability to connect to Wi-Fi. According to user reports, doing so would "permanently disable" an iPhone's Wi-Fi functionality, making...
iPhone 13 Wi Fi 6E feature update

Wi-Fi 6E Explained: What It Could Mean for iPhone 13 and Beyond

Monday August 2, 2021 8:00 am PDT by
The iPhone 13 is widely expected to come with Wi-Fi 6E capabilities, and while it may seem rather nuanced to the average consumer, with only improved speeds and being "up to date" in the realm of Wi-Fi technology, it's actually a fairly significant improvement, laying the groundwork for much of what we know the future holds. To truly understand Wi-Fi 6E, MacRumors sat down for an exclusive...
ios wifi settings

iOS Bug Causes Specific Network Name to Disable Wi-Fi on iPhones

Sunday June 20, 2021 4:15 am PDT by
A wireless network naming bug has been discovered in iOS that effectively disables an iPhone's ability to connect to Wi-Fi. Security researcher Carl Schou found that after joining a Wi-Fi network with the name "%p%s%s%s%s%n" his iPhone's Wi-Fi functionality was left "permanently disabled." Changing a hotspot's SSID did nothing to correct the problem, with even a reboot failing to make a...
tp link deco x76 plus mesh

CES 2021: TP-Link Introduces Line of 6GHz Wi-Fi Routers and Mesh Systems

Monday January 11, 2021 5:30 am PST by
As part of CES 2021, TP-Link today introduced its latest networking offerings, including two mesh Wi-Fi 6E systems, two tri-band Wi-Fi 6E routers, and more. Deco X76 Plus Wi-Fi 6E offers the features and capabilities of Wi-Fi 6, including higher performance, lower latency, and faster data rates, extended into the 6GHz band. The additional spectrum will provide a lot more airspace beyond...
ipad pro m1 feature

Deals: Take Up to $100 Off 2021 iPad Pro Models in Wi-Fi and Cellular

Friday October 15, 2021 7:59 am PDT by
Today we're tracking solid discounts on the 2021 iPad Pro in both 11-inch and 12.9-inch configurations. You'll have a chance to save up to $100 on these models, and this sale includes both Wi-Fi only tablets and cellular models. Note: MacRumors is an affiliate partner with Amazon. When you click a link and make a purchase, we may receive a small payment, which helps us keep the site running. ...
iPhone 13 Wi Fi 6E greener2

iPhone 13 Models Again Rumored to Support Faster Wi-Fi 6E

Tuesday January 26, 2021 10:50 am PST by
Apple plans to release its first iPhones with Wi-Fi 6E support in 2021, according to Barclays analysts Blayne Curtis and Thomas O'Malley. In a research note shared with MacRumors today, the analysts wrote that investor sentiment surrounding Apple supplier Skyworks has become "too negative" given that the semiconductor company will apparently be supplying various components for this year's...
iPad Pro Feature

Deals: Take Up To $100 Off 2021 iPad Pro Tablets at Amazon

Friday October 1, 2021 6:28 am PDT by
Amazon today has a few deals on the 2021 iPad Pro in both 11-inch and 12.9-inch configurations. You'll have a chance to save up to $100 on these models, and this sale focuses on Wi-Fi only tablets and they're all available on Amazon. Note: MacRumors is an affiliate partner with Amazon. When you click a link and make a purchase, we may receive a small payment, which helps us keep the site...
linksysvelop

Apple Adds New Products to Online Store, Including Linksys Velop Wi-Fi 6 Mesh Routers With HomeKit Support

Monday July 19, 2021 9:26 am PDT by
Apple recently added several new products and accessories to its online store, including the Linksys Velop AX4200 mesh Wi-Fi 6 system, with one node priced at $249.95, a two-pack priced at $399.95, and a three-pack priced at $499.95. Mesh technology offers whole home Wi-Fi coverage that is easily expandable by adding additional nodes, with Wi-Fi 6 offering faster speeds with lower latency...
iPad Pro Feature Orange

Deals: Amazon Taking Up to $100 Off 2021 iPad Pro Tablets

Friday September 10, 2021 6:22 am PDT by
Today we're tracking a handful of deals on the 2021 iPad Pro in both 11-inch and 12.9-inch configurations. You'll have a chance to save up to $100 on these models, which also focus on Wi-Fi only tablets and are all available on Amazon. Note: MacRumors is an affiliate partner with Amazon. When you click a link and make a purchase, we may receive a small payment, which helps us keep the site...
iOS 15 General Feature Purple

Apple Releases iOS 15.0.2 With Messages Photo Bug Fix, Security Update and More

Monday October 11, 2021 10:04 am PDT by
Apple today released iOS 15.0.2, the second update to the iOS 15 operating system that was released in September. iOS 15.0.2 comes a week and a half after the launch of iOS 15.0.1, a bug fix update. The iOS 15.0.2 update can be downloaded for free and the software is available on all eligible devices over-the-air in the Settings app. To access the new software, go to Settings > General >...