Apple has finally responded to a serious bug in its WLAN subsystem for iOS and iPadOS devices, which can disable the entire wireless module. The bug, discovered in June, makes it possible to disable the connection merely through certain incorrectly formatted hotspot names (SSIDs) – in the worst case to the point that the iPhone or iPad has to be completely reset before WLAN access works again. Security researchers have found that it is enough to connect to such a hotspot once.
The beta helps
In the fifth beta version of iOS 14.7, which was released last week, Apple has now ironed out the problem, testers report. This applies to both the public beta and the developer beta. However, that does not mean that the fix will be available immediately – it is still unclear when the final version of iOS or iPadOS 14.7 will be available for download. It is possible that there will be more betas before that.
The unusual bug in the WLAN subsystem apparently stems from incorrect processing of the SSID name and can be triggered with an SSID such as “%p%s%s%s%s%n”. It is considered likely that this is a format string attack. Here the attacker exploits carelessness on the part of the developers, who apparently failed to filter external data before processing it. Instead, because of its form, the data is apparently interpreted as a command.
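The difference between using an SSID as a format string and treating it strictly as data, shown as an added example (not Apple's code; the function names and the log message are hypothetical, and the SSID is assumed to be a NUL-terminated C string):

```c
#include <stdio.h>
#include <string.h>
#include <stddef.h>

/* Vulnerable pattern (shown only as a comment, never compiled):
 *     snprintf(out, n, ssid);    // external SSID used as the format
 * Each %s or %n in the SSID then consumes an argument that was never
 * passed, so the call reads or writes through stray values. */

/* Hardened form: the format is a constant; the SSID is only ever data. */
int log_join_safe(char *out, size_t n, const char *ssid)
{
    return snprintf(out, n, "Attempting to join SSID \"%s\"", ssid);
}

/* Count printf-style conversion specifications in an untrusted name.
 * "%%" is a literal percent sign and a trailing lone '%' is ignored.
 * Useful for flagging suspicious SSIDs before they reach any logger. */
size_t count_format_directives(const char *s)
{
    size_t hits = 0;
    for (size_t i = 0; s[i] != '\0'; i++) {
        if (s[i] != '%')
            continue;
        if (s[i + 1] == '%') {      /* escaped percent: skip both */
            i++;
            continue;
        }
        if (s[i + 1] != '\0')
            hits++;
    }
    return hits;
}

int main(void)
{
    /* The two SSIDs quoted in the article, plus a constructed benign one. */
    const char *samples[] = { "%p%s%s%s%s%n", "%secretclub%power", "HomeNet" };
    char line[128];

    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        log_join_safe(line, sizeof line, samples[i]);
        printf("%s -> %zu directive(s)\n", line,
               count_format_directives(samples[i]));
    }
    return 0;
}
```

Compilers flag the vulnerable pattern when built with `-Wformat -Wformat-security`, which is why it appears here only as a comment.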
In the worst case, the device's WLAN is dead
Fortunately, the deactivation can be remedied by resetting the network settings – this deletes the defective string. That doesn’t always work, however: the security researcher Carl Schou, who first published the vulnerability, later discovered that an SSID like “%secretclub%power” made it possible to “permanently turn off” the WLAN function on his iPhone. In that case, at least, normal troubleshooting techniques such as resetting the network settings multiple times or forced restarts are reportedly not sufficient to reactivate WLAN. If a backup used to restore the device also contains the SSID, it is of no use to the user.
Be careful when choosing a Wi-Fi network
As long as Apple has not fixed the bug, users should be careful not to connect to unknown SSIDs with strange character combinations – caution is always advisable with open WLANs anyway. At least it is not possible to force the device to connect to such networks, so the bug cannot be exploited automatically.