Security News

Apple has rolled out security updates to address dozens of iOS and macOS vulnerabilities, including a severe iOS bug dubbed WiFiDemon that could lead to denial of service or arbitrary code execution. The vulnerability, tracked as CVE-2021-30800 and a zero-day bug when security researcher Carl Schou publicly disclosed it, was fixed by Apple with the release of iOS 14.7 earlier this week.

iPhone users, drop what you're doing and update now: Apple has issued a warning about a ream of code-execution vulnerabilities - some of which are remotely exploitable - and experts are emphatically recommending an ASAP update to version 14.7 of iOS and iPadOS. Unfortunately, you aren't getting a fix for the flaw that makes your iPhones easy prey for Pegasus spyware. A local attacker may be able to execute code on the Apple T2 Security Chip due to multiple logic issues in IOKit.

The Wi-Fi network name bug that was found to completely disable an iPhone's networking functionality had remote code execution capabilities and was silently fixed by Apple earlier this year, according to new research. The denial-of-service vulnerability, which came to light last month, stemmed from the way iOS handled string formats associated with the SSID input, triggering a crash on any up-to-date iPhone that connected to wireless access points with percent symbols in their names such as "%p%s%s%s%s%n.

It's already nearly two months since Apple's last security update to iOS 14, which was back on 2021-05-24 when iOS 14.6 appeared. So we weren't surprised to see that another patch is out, officially listed [2021-07-19] as covering iOS, tvOS and watchOS. Annoyingly, there's no mention of iPadOS, which has typically been listed on the same line as its related iOS update in recent Apple security reports.

iPhones have been compromised by the NSO Group's Pegasus spyware. The findings indicated that the Pegasus spyware program sold by surveillance company NSO Group was able to infect iPhone 11 and iPhone 12 models through zero-click attacks in the iOS iMessage app.

The original DoS issue is a string-format bug discovered by researcher Carl Schou, who found that connecting to an access point with the SSID "%p%s%s%s%s%n" would disable a device's Wi-Fi. String-format problems occur when operating systems mistakenly read certain characters as commands: In this case, the "%" combined with various letters. "My iPhone permanently disabled it's [sic] Wi-Fi functionality," Schou wrote in his writeup, in June.

Security researchers investigating a bug that crashed the Wifi service on iPhones found that it could be exploited for remote code execution without user interaction. When initially disclosed, the bug could disable an iPhone's WiFi connection after trying to connect to a network with a name that included a special character.

" We explain how a format string bug could lock your iPhone out of your own network. We revisit the PrintNightmare saga, which is sort-of fixed but not really.

Human rights non-governmental organization Amnesty International and non-profit project Forbidden Stories revealed in a recent report that they found spyware made by Israeli surveillance firm NSO Group deployed on iPhones running Apple's latest iOS release, hacked using zero-day zero-click iMessage exploits. Citizen Lab was able to independently observe NSO Pegasus spyware deployed on an iPhone 12 Pro Max running iOS 14.6, hacked via a zero-day zero-click iMessage exploit, which does not require interaction from the target.

Schou set up a Wi-Fi access point with a network name of %p%s%s%s%s%n, and then deliberately connected his iPhone to it in order to check for what are known as format string vulnerabilities. The name format string vulnerability comes from a standard, widely-used system function, found in almost every operating system, known as printf(), shorthand for format and print data.