iPhone SMS Flaw Patched by Apple, Out-of-Band

iPhone SMS Flaw Patched by Apple, Out-of-Band

One day after security experts announced their iPhone SMS hack research at the Black Hat Security Conference, Apple released a patch to address the flaw. Experts revealed on Thursday that malformed SMS messages could be used to hijack an iPhone.

Originally, an O2 spokesperson was the first to reveal the upcoming fix, noting that the patch would be available Saturday through iTunes.
"We will be communicating to customers both through the website and proactively.

"We always recommend our customers update their iPhone with the latest software and this is no different."
Apple delivered the fix sooner than expected, however, with the new OS version, 3.0.1 becoming available by mid-day in the U.S.



Security researchers Charlie Miller and Collin Mulliner released their findings the Black Hat conference in Las Vegas on Thursday. Further reports indicate that the flaw exists in most, if not all, GSM devices based on the way they handle SMS messages. Miller and Mulliner also found a hole in the iPhone's Safari browser way back in 2007 when it was first launched.
0
+ -

"No teen had ever stumbled across the malformed message exploit before, because it consists entirely of words that are spelled properly."

0
+ -

3vi1:

"No teen had ever stumbled across the malformed message exploit before, because it consists entirely of words that are spelled properly."

 

:-)  cute..

 

I have read the white paper and the SMS exploit sends a bunch of unseen SMs messages followed by one with an empty box. if you get the empty box you are advised to shut your iPhone off.

 

Login or Register to Comment
Post a Comment
Username:   Password: