Latest iOS 14.7 Beta Patches Bug That Disables iPhone's Ability to Connect to Wi-Fi

by

The latest beta for iOS and iPadOS 14.7, released to developers this week, patches a bug that disabled an iPhone's ability to connect to Wi-Fi if a user connected to a specific Wi-Fi network with the name "%p%s%s%s%s%n."

ios wifi settings
In his latest video rounding up the latest changes in the beta, YouTuber Zollotech found that the update has silently patched the bug that caused an iPhone to become unable to connect to Wi-Fi networks.

The bug was discovered on Twitter last month and consisted of an ‌iPhone‌ connecting to a Wi-Fi SSID with the name "%p%s%s%s%s%n." According to user reports, doing so would "permanently disable" an ‌iPhone‌'s Wi-Fi functionality, making the bug rather dangerous.

While some have claimed the bug "permanently" disabled their ‌iPhone‌'s Wi-Fi, other users found that resetting their network settings after connecting to the network restored Wi-Fi for the ‌iPhone‌.

Apple has been testing iOS and iPadOS 14.7 with developers and public beta testers for the past few weeks. Apple can be expected to publicly release the update soon, given the crucial bug fix that it provides to ‌iPhone‌ user.

Last month, Apple previewed iOS 15, the next major update to iOS destined for a public launch this fall. The upcoming update to iOS 14 will likely be the last major update to the operating system ahead of iOS 15's fall release.

Top Rated Comments

CarlJ Avatar
CarlJ
37 months ago
Sigh. Never use data from external sources without sanitizing it first, and never hand arbitrary data to printf and friends as a template string - sure, it'll work most of the time... but then this.

This is not esoteric guru stuff, it's programming 101 (okay, maybe 201).
Score: 7 Votes (Like | Disagree)
DeepIn2U Avatar
DeepIn2U
37 months ago

COVID will never truly go away, just getting controlled. Just saying.

As for “dangerous”, if a mere resetting network setting could fix it, then it is not so “dangerous”. Inconvenient sure but “dangerous” is slightly over the board.
https://www.forbes.com/sites/gordonkelly/2021/07/06/apple-iphone-wifi-security-hack-ios-iphone-upgrade/?sh=4351967e2b86


The Increased Damage

The first development came via Carl Shou, the reverse engineer who initially discovered the hack ('https://www.forbes.com/sites/gordonkelly/2021/06/20/apple-iphone-warning-wifi-vulnerability-exploit-new-iphone-problem/'). Shou found that joining WiFi networks with specific symbols in their name (SSID) could disable any iPhone’s WiFi until the phone’s network settings were reset. Shou has subsequently managed to increase the damage this hack does ('https://twitter.com/vm_call/status/1411630091038203909'), with WiFi only being restored from a custom factory reset where the iPhone backup file is manually edited to remove malicious entries ('https://twitter.com/vm_call/status/1411753482437148683').


Fears had already been expressed ('https://www.forbes.com/sites/gordonkelly/2021/07/03/apple-iphone-security-warning-airborne-attack-threat-new-iphone-exploit/') that this hack - known as a format string flaw - could be amplified. The end game being to use it to inject and execute malicious code onto devices and even whole networks.

The Hidden Threat

The flip side to this escalating threat, was that iPhone owners would have to join a strangely named WiFi network to be hacked. But the second development suggests this may no longer be the case.
originally reported from above link:

https://www.forbes.com/sites/gordonkelly/2021/07/03/apple-iphone-security-warning-airborne-attack-threat-new-iphone-exploit/?sh=820e3d454ae9


Following revelations last month that all iPhones are vulnerable to a simple WiFi hack ('https://www.forbes.com/sites/gordonkelly/2021/06/20/apple-iphone-warning-wifi-vulnerability-exploit-new-iphone-problem/'), new research ('https://www.aireye.tech/post/the-apple-format-string-bug-from-a-silly-prank-to-an-airborne-attack') from Amichai Shulman, CTO of wireless security specialist AirEye, has claimed this type of threat is potentially more dangerous than was first reported and can also spread to macOS.


“Our response research on the format string flaw revealed that the vulnerability is not only restricted to the iOS operating system,” states Shulman. “It also has the potential to affect the macOS operating system used by many corporations for employee stations.”


“The nature of format string vulnerabilities is that when carefully crafted they can be used to write arbitrary code into random, or chosen, parts of a machine’s memory - and even eventually inject and execute code,” Shulman explains. “Since it is possible for the vulnerable iOS and macOS devices to be connected to the larger corporate network, this code can eventually be used for lateral movement even if it only stemmed from an employee accidentally joining an unknown SSID. Once the malicious code has infiltrated a device on the network, it can exploit corporate data without the need to ‘access the network first’ in the typical ways.”
I'd say it's dangerous enough for Apple to consider it important to patch.
Score: 2 Votes (Like | Disagree)
TheYayAreaLiving ?️ Avatar
TheYayAreaLiving ?️
37 months ago
Hopefully it’s out in public next week.
Score: 2 Votes (Like | Disagree)
polyphenol Avatar
polyphenol
37 months ago
Saved! I really don't know how I have survived with that bug in 14.6.

Yes - I do realise some people might really have a problem but I suspect the other things in 14.7 are likely far more important to the majority.
Score: 2 Votes (Like | Disagree)
Apple_Robert Avatar
Apple_Robert
37 months ago

My setting will ASK if I want to join any unknown WIFI, so in theory, My phone should be save from this big … yes?
As long the phone prompts for a reply and you don't mess up the reply, you should be fine. The chances of you coming across a public WiFi name that messes up your phone is less than a percent, in my opinion.
Score: 2 Votes (Like | Disagree)
Shirasaki Avatar
Shirasaki
37 months ago

No this is actually quite important! Glad Apple coding team has made fast work of this - considering more and more of us are now fully able to explore our communities and world again. buy-bye pandemic.
COVID will never truly go away, just getting controlled. Just saying.

As for “dangerous”, if a mere resetting network setting could fix it, then it is not so “dangerous”. Inconvenient sure but “dangerous” is slightly over the board.
Score: 2 Votes (Like | Disagree)
Read All Comments

Popular Stories

Apple Silicon AI Optimized Feature Siri

Apple Releases Open Source AI Models That Run On-Device

Wednesday April 24, 2024 3:39 pm PDT by
Apple today released several open source large language models (LLMs) that are designed to run on-device rather than through cloud servers. Called OpenELM (Open-source Efficient Language Models), the LLMs are available on the Hugging Face Hub, a community for sharing AI code. As outlined in a white paper [PDF], there are eight total OpenELM models, four of which were pre-trained using the...
Read Full Article86 comments
iOS 18 Siri Integrated Feature

iOS 18 Rumored to Add These 10 New Features to Your iPhone

Wednesday April 24, 2024 2:05 pm PDT by
Apple is set to unveil iOS 18 during its WWDC keynote on June 10, so the software update is a little over six weeks away from being announced. Below, we recap rumored features and changes planned for the iPhone with iOS 18. iOS 18 will reportedly be the "biggest" update in the iPhone's history, with new ChatGPT-inspired generative AI features, a more customizable Home Screen, and much more....
Read Full Article
maxresdefault

Apple Announces 'Let Loose' Event on May 7 Amid Rumors of New iPads

Tuesday April 23, 2024 7:11 am PDT by
Apple has announced it will be holding a special event on Tuesday, May 7 at 7 a.m. Pacific Time (10 a.m. Eastern Time), with a live stream to be available on Apple.com and on YouTube as usual. The event invitation has a tagline of "Let Loose" and shows an artistic render of an Apple Pencil, suggesting that iPads will be a focus of the event. Subscribe to the MacRumors YouTube channel for more ...
Read Full Article278 comments
Apple Vision Pro Dual Loop Band Orange Feature 2

Apple Cuts Vision Pro Shipments as Demand Falls 'Sharply Beyond Expectations'

Tuesday April 23, 2024 9:44 am PDT by
Apple has dropped the number of Vision Pro units that it plans to ship in 2024, going from an expected 700 to 800k units to just 400k to 450k units, according to Apple analyst Ming-Chi Kuo. Orders have been scaled back before the Vision Pro has launched in markets outside of the United States, which Kuo says is a sign that demand in the U.S. has "fallen sharply beyond expectations." As a...
Read Full Article417 comments
iPad And Calculator App Feature 1

Apple Finally Plans to Release a Calculator App for iPad Later This Year

Tuesday April 23, 2024 9:08 am PDT by
Apple is finally planning a Calculator app for the iPad, over 14 years after launching the device, according to a source familiar with the matter. iPadOS 18 will include a built-in Calculator app for all iPad models that are compatible with the software update, which is expected to be unveiled during the opening keynote of Apple's annual developers conference WWDC on June 10. AppleInsider...
Read Full Article222 comments
macbook pro purple february

Best Buy Introduces Record Low Prices on Apple's M3 MacBook Pro for Members

Thursday April 25, 2024 7:41 am PDT by
Best Buy is discounting a collection of M3 MacBook Pro computers today, this time focusing on the 14-inch version of the laptop. Every deal in this sale requires you to have a My Best Buy Plus or Total membership, although non-members can still get solid second-best prices on these MacBook Pro models. Note: MacRumors is an affiliate partner with Best Buy. When you click a link and make a...
Read Full Article44 comments