Apple fixes iPhone text message vulnerability
Denies security flaw could allow control of device, despite public demonstration
Just last week it came to light thanks to security researchers Charlie Miller and Collin Mulliner that a specially crafted text message could allow hackers to take control of the recipient's iPhone - a flaw that the pair openly demonstrated at the Las Vegas Blackhat conference.
"You might go to the web site for your bank on the iPhone browser and I could theoretically see you enter your user name and password," says Miller. "I could see the data in your applications. I could have complete control of the phone."
The issue, which affects the iPhone, iPhone 3G and the new iPhone 3GS, apparently stems from the way the device processes text messages. The system always has to accept any text message and to process any accompanying data - something a hacker can easily exploit.
The two researchers reportedly told Apple of the security flaw over a month ago, and while Apple has staunchly denied that a hacker can take over an iPhone using the flaw, it's issued a firmware update within 24 hours of Miller's and Mulliner's demonstration.
To update your device, plug the iPhone into your PC and check for an update in iTunes, following the instructions to download and install the 230MB 3.0.1 firmware.