iPhone SMS security flaw patch expected this weekend

By on July 31, 2009, 1:37 PM
Update: Looks like Apple pulled the trigger a little earlier than expected; iPhone OS 3.0.1 just hit iTunes. The 230MB update contains only a fix for the SMS attack and is available for all iPhone users.

Earlier today we were telling you about a potentially disruptive iPhone SMS flaw that could result in Apple’s smartphone being easily compromised or remotely controlled. While the Cupertino-based company remains mum on the whole issue, its United Kingdom wireless partner O2 has revealed that a software update is indeed on the way.

According to BBC News, an O2 spokesperson has informed them that a patch will be pushed out to users on Saturday via iTunes. If true, AT&T and other carriers will likely notify their customers of the availability of the update, considering the nature of the flaw and the fact that it affects all versions of the iPhone.

Interestingly, the SMS vulnerability in question also affects phones running Windows Mobile and Google's Android operating system, but has gained notoriety as an iPhone flaw due to the device’s high-profile status. According to the report, Google has also taken steps to fix the security hole.

User Comments: 2

Got something to say? Post a comment
Algoz Algoz said:

This is what Apple says on their website...

CVE-ID: CVE-2009-2204

Available for: iPhone OS 1.0 through iPhone OS 3.0

Impact: Receiving a maliciously crafted SMS message may lead to an unexpected service interruption or arbitrary code execution

Description: A memory corruption issue exists in the decoding of SMS messages. Receiving a maliciously crafted SMS message may lead to an unexpected service interruption or arbitrary code execution. This update addresses the issue through improved error handling. Credit to Charlie Miller of Independent Security Evaluators, and Collin Mulliner of Technical University Berlin for reporting this issue.

A "maliciously crafted SMS" ... isn't that a virus by any other name?

fullmetalvegan fullmetalvegan said:

Propaganda has me believe that Apple products don't get virus' though.

Load all comments...

Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...
Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.