A software bug happens because of an error, flaw or fault in its programming, that may have gone unnoticed by its creators.
The more complex a software is, the more there can be bugs. This is because more functionality requires more codes. And sometimes, the process of introducing more codes can introduce bugs that weren't there before. This is why tech companies are always updating their software, in order to patch those bugs, as soon as they see one.
Previously, iPhones and iPads have had the "shrug bug", crashed when receiving some Telugu characters, as well as when receiving some Sindhi characters.
And this time, yet another weird bug has been found.
According to Cark Schou, a security researcher, if iOS users join a network with the name %p%s%s%s%s%n, all Wi-Fi functionality on the device will be disabled from that point on.
Once an iOS device joins the network with the name, the device will fail to connect to the Wi-Fi networks, and won't be able to use system networking features like AirDrop.
And from that moment, on, the device won't be able to turn on its Wi-Fi feature anymore.
This issue is persistent, even after rebooting the device.
Schuo has not detailed how he found this bug, but the problem is rooted to the way the Wi-Fi network is named.
In programming, the % character is a syntax commonly used to format variables into an output string. In C programming language, the %n is a specifier that can be used to save the number of characters written into the format string out to a variable passed to the string format function.
It's suggested that the Wi-Fi name (SSID) may have passed the command unsanitized to some internal library that performs the string formatting.
And this in turn causes an arbitrary memory write and buffer overflow, leading to a memory corruption, resulting to the iOS watchdog killing the process, hence effectively disabling the Wi-Fi function for the user.
This bug has a slightest chance of being exploited, unless someone wants to just rename a Wi-Fi network to that name, and force or entice people to join it. And again, the person won't benefit anything from this, other than just pranking some iOS users who are in radius.
After joining my personal WiFi with the SSID “%p%s%s%s%s%n”, my iPhone permanently disabled it’s WiFi functionality. Neither rebooting nor changing SSID fixes it :~) pic.twitter.com/2eue90JFu3
— Carl Schou (@vm_call) June 18, 2021
Fortunately, this bug does not permanently damage the iOS device from ever using its Wi-Fi function anymore.
While restarting the device won't solve the issue, users can reset all of the affected device's network settings, and start all over again.
Resetting the network settings will reset all saved Wi-Fi networks on the iPhone, as well as other things like cellular settings and VPN access.
This should remove any stored information about the malicious network name from the device's memory.
Read: How Apple's IOS Devices Were Vulnerable To 'Wi-Fi Broadcast Packet Of Death'