British network operator O2 has issued a statement to the BBC confirming that Apple will fix a security issue with the iPhone on Saturday via iTunes.
Researchers revealed yesterday that they had discovered a flaw within Apple's iPhone SMS feature, an exploit that could allow a hacker access to your iPhone, disabling it and rendering it utterly useless.
The flaw was announced originally in early July and demonstrated yesterday by iPhone hacker Charlie Miller. Miller is a well known security researcher, famous for hacking a Macbook within seconds earlier this year at Pwn2Own 2009.
The flaw exploits an issue with the way the phone handles SMS messages. The attack developed by Miller works by exploiting a missing safeguard in the phones' SMS software that prevents code in the messages' text from overflowing into other parts of the device's memory where it can run as an executable program. Miller and his colleague Collin Mulliner plan to demonstrate how a series of 512 SMS messages can exploit the bug, with only one of those messages actually appearing on the phone, showing a small square. If you receive a text message on your iPhone any time before Saturday containing only a single square character, Miller advises turning the phone off as soon as possible.
The series of SMS messages will give hackers complete power over any of the smart phone's functions. This includes dialing the phone, visiting Web sites and sending SMS messages.
An O2 spokesperson confirmed to the BBC a patch would be available Saturday through iTunes. "We will be communicating to customers both through the website and proactively," the spokesperson added.
Updated: Apple has now released iPhone 3.0.1 to address the issues.
4 Comments - Add comment