Security researcher Carl Schou has found that connecting to WiFi networks with certain names with your iOS device can almost permanently disable your WiFi functionality.
According to user @wr3nchsr on Twitter, the “%s” is the culprit that triggers the vulnerability. If your device has only connected to one malicious network, simply resetting your network settings should fix it.
If your device has connected to more than one malicious network, resetting your network settings will not fix it. To enable WiFi in your device again, you would either need to erase all your data, or back up the device and manually edit the backup and remove malicious entries from the known networks .plist.
This is caused by something called a ‘format string bug’. “%s” is a string format specifier in the programming language C. Normally, the device does not read user inputs as code, but because of this bug, it causes the WiFi to be disabled.
“I don’t believe it is exploitable”, said security researcher Alex Skalozub. Normally, these types of attacks can ‘inject’ code into the device, enabling unwanted programs to be run. Because of the nature of Apple’s framework, injecting code is not possible, and the SSID has a character limit anyway.
This bug has been found to disable AirDrop as well.
Apple has not publicly responded to this matter yet, but in the meantime, try not to connect to any weird public networks.
[ SOURCE ]
Dongfeng Box is now officially available in Malaysia. Launched in partnership with Central Auto Distributors…
Edaran Tan Chong Motor (ETCM) has announced that the Nissan Kicks e-Power is now open…
TikTok in partnership with Communications and Multimedia Content Forum of Malaysia (CMCF) have recently organised…
Tesla owners in Malaysia have reported that their vehicles can now perform the Autopark feature.…
After unveiling its latest smartphones, the Asus ROG Phone 9 series, to the world, Asus…
WhatsApp has introduced a new Voice Message Transcripts feature which allows users to easily convert…
This website uses cookies.