Just a few weeks after that first iPhone WiFi error was found, the same security researcher Carl Schou has found another similar problem.
Schou tweeted today that if an iPhone gets within range of a Wi-Fi network called ‘% secretclub% power’ then that iPhone will no longer be able to perform any Wi-Fi or Wi-Fi-related functionality use. Schuo even says that this error persists when resetting network settings.
It seems that the only workaround for this particular issue would be to hard reset the device to factory settings. 9to5Mac has not independently tested this, nor do we recommend others try.
The earlier edition was based on on the iPhone comes across a network name with the SSiD “% p% s% s% s% s% n” and the user tries to connect to it. However, this bug was fixed by resetting the iPhone network settings in the Settings app. This new problem seems to be more serious as it can be triggered once the iPhone with that poisoned name comes within range of a malicious public WiFi hotspot.
The underlying errors are clearly related as both% secretclub% power and% p% s% s% s% s% n exploit a string format encoding error somewhere in the underlying iOS network stack.
At this point, it seems likely that there are many more variations of fault-causing network names that use the strings ‘% s’, ‘% p’, and ‘% n’. You can read our previous coverage for a guess what might be going on behind the scenes here.
From an individual user’s point of view, the best security precaution is simply not to connect to Wi-Fi networks whose names contain percentage symbols. Then wait for the inevitable software update, which will see Apple fix the operating system bug that is causing the denial of service.
FTC: We Use Income Earning Auto Affiliate Links. More.