Apple fixes iPhone text message vulnerability

Denies security flaw could allow control of device, despite public demonstration

| Aug 3, 2009

Just last week it came to light thanks to security researchers Charlie Miller and Collin Mulliner that a specially crafted text message could allow hackers to take control of the recipient's iPhone - a flaw that the pair openly demonstrated at the Las Vegas Blackhat conference.

"You might go to the web site for your bank on the iPhone browser and I could theoretically see you enter your user name and password," says Miller. "I could see the data in your applications. I could have complete control of the phone."

The issue, which affects the iPhone, iPhone 3G and the new iPhone 3GS, apparently stems from the way the device processes text messages. The system always has to accept any text message and to process any accompanying data - something a hacker can easily exploit.

The two researchers reportedly told Apple of the security flaw over a month ago, and while Apple has staunchly denied that a hacker can take over an iPhone using the flaw, it's issued a firmware update within 24 hours of Miller's and Mulliner's demonstration.

To update your device, plug the iPhone into your PC and check for an update in iTunes, following the instructions to download and install the 230MB 3.0.1 firmware.

Spanner Spencer

Yes. Spanner's his real name, and he's already heard that joke you just thought of. Although Spanner's not very good, he's quite fast, and that seems to be enough to keep him in a regular supply of free games and away from the depressing world of real work.

Next Up :
Pine: A Story of Loss explores grief in a wordless narrative game, coming in late 2024