also @ TechSpot: Nvidia GeForce GTX 780 Review

iPhone SMS security flaw patch expected this weekend

By

On July 31, 2009, 1:37 PM

Update: Looks like Apple pulled the trigger a little earlier than expected; iPhone OS 3.0.1 just hit iTunes. The 230MB update contains only a fix for the SMS attack and is available for all iPhone users.

Earlier today we were telling you about a potentially disruptive iPhone SMS flaw that could result in Apple’s smartphone being easily compromised or remotely controlled. While the Cupertino-based company remains mum on the whole issue, its United Kingdom wireless partner O2 has revealed that a software update is indeed on the way.

According to BBC News, an O2 spokesperson has informed them that a patch will be pushed out to users on Saturday via iTunes. If true, AT&T and other carriers will likely notify their customers of the availability of the update, considering the nature of the flaw and the fact that it affects all versions of the iPhone.

Interestingly, the SMS vulnerability in question also affects phones running Windows Mobile and Google's Android operating system, but has gained notoriety as an iPhone flaw due to the device’s high-profile status. According to the report, Google has also taken steps to fix the security hole.

No tags on this story

2 comments

User Comments: 2

Got something to say? Post a comment
  1. July 31, 2009 3:26 PM
    Algoz
    Algoz said:

    This is what Apple says on their website...

    CVE-ID: CVE-2009-2204

    Available for: iPhone OS 1.0 through iPhone OS 3.0

    Impact: Receiving a maliciously crafted SMS message may lead to an unexpected service interruption or arbitrary code execution

    Description: A memory corruption issue exists in the decoding of SMS messages. Receiving a maliciously crafted SMS message may lead to an unexpected service interruption or arbitrary code execution. This update addresses the issue through improved error handling. Credit to Charlie Miller of Independent Security Evaluators, and Collin Mulliner of Technical University Berlin for reporting this issue.

    A "maliciously crafted SMS" ... isn't that a virus by any other name?

    Reply
  2. August 1, 2009 6:51 AM
    fullmetalvegan
    fullmetalvegan said:

    Propaganda has me believe that Apple products don't get virus' though.

    Reply

Recently commented stories

Post a new comment

Social Login & Guest Posting TechSpot Members
Login here or sign up for free,
it takes about a minute.
Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.
TechSpot on:

Most Popular

Trending Featured
More Trending Topics

Featured on Mice

Downloads and Drivers

Downloads   Drivers  

KiTTY 0.62.2.3

mIRC 7.32

Actual Bookmarks 1.2

World of Warcraft Patch 5.3.0

Funny Photo Maker 2.4.1

More Downloads

Latest Discussion

The average life of a GPU 18 replies on Audio and Video

Need a 5.1 speaker system with USB input 8 replies on Audio and Video

Nvidia geforce 315m? 5 replies on Audio and Video

Need advice for upgrade 5 replies on Audio and Video

Network documentation 9 replies on Storage and Networking

More Recent Discussion

Subscribe to TechSpot

Get free exclusive content, learn about new features and breaking tech news.