UPDATE: iPhone security threat via SMS could be catastrophic if not patched
A potentially catastrophic security flaw in the SMS function of iPhones is being reported across the Internet. Thursday afternoon, researchers are planning to reveal the currently unpatched bug in the iPhone's handling of SMS text messages that could allo
Written by Joe Aimonetti
A potentially catastrophic security flaw in the SMS function of iPhones is being reported across the Internet. Thursday afternoon, researchers are planning to reveal the currently unpatched bug in the iPhone's handling of SMS text messages that could allow for hackers to completely hijack any iPhone in the world.Note: Due to some recent commenting on MacFixIt, I feel compelled to assure you that this is not a sensationalist story. This is a real security threat for users of Apple's iPhone and should be taken with a great deal of seriousness.
The Story
Forbes reports that researchers Charlie Miller and Collin Mulliner will reveal the iPhone SMS exploit at tomorrow's Black Hat conference, being held in Las Vegas.
"If you receive a text message on your iPhone any time after Thursday afternoon containing only a single square character, Charlie Miller would suggest you turn the device off. Quickly."The article goes on to explain the threat, stating the the exploit can send mostly invisible text messages resulting in hackers gaining access to near complete control of the iPhone's functionality which, "includes dialing the phone, visiting Web sites, turning on the device's camera and microphone and, most importantly, sending more text messages to further propagate a mass-gadget hijacking."
Apple has reportedly been aware of this exploit for about six weeks, though no patch has been released. This attack is unique in that the hacker would not need the user to do anything to enable the malicious code. All the hacker needs is the phone number of an iPhone user--everything else is done via SMS.
PC World also has an insightful report on this story.
Again, please take this seriously. If you receive the suspect text message, turn off your iPhone immediately. Of course, we will keep you posted on this story and let you know if any patches are released.
UPDATE: After yesterday's Black Hat conference unearthed the SMS security flaw in iPhones, the BBC is reporting that Apple will be releasing a patch via iTunes on Saturday. Be sure to check iTunes throughout your weekend for the update.
Experiencing problems? Have an issue you need help with? Contact Us!
Follow MacFixIt on Twitter!
Resources