Apple Releases iPhone Update To Fix SMS Hack

iphone_update

Apple on Friday afternoon released a firmware patch for the iPhone to fix a dangerous SMS security hole.

The 3.0.1 firmware update is available now through iTunes. The 300MB update is available for the iPhone, iPhone 3G and iPhone 3GS. It doesn’t appear to contain any other features or bug fixes except for the SMS patch, according to Apple’s security advisory.

As previously reported, noted security experts Charlie Miller and Collin Mulliner revealed a major security exploit in the iPhone’s SMS system on Thursday at the 2009 Black Hat Conference in Las Vegas.

The exploit takes advantage of memory hole in the SMS system, allowing hackers root access to the device. Programs could theoretically be sent to any iPhone, through multiple SMS messages if necessary, and take over all functions, including the camera, phone and microphone. The only indication of the hack would be a SMS message containing a single square character.

Miller and Mulliner reportedly chose to reveal the exploit, which is applicable to all mobile platforms including iPhone OS, Android and Windows Mobile, at Black Hat after Apple had been unresponsive in the wake of their showing it to company officials earlier in July.

Looks like Apple woke up fast. The patch was issued in about 24 hours.

UPDATE: Google also patched its Android system on Friday, and Microsoft says it is investigating, according to BusinessWeek. To be fair, Microsoft was just informed of the vulnerability, while Apple was warned weeks ago, which may explain the speed of its patch.

About the author

Leander KahneyLeander Kahney is the editor and publisher of Cult of Mac. He is the NYT bestselling author of Jony Ive: The Genius Behind Apple's Greatest Products; Inside Steve’s Brain; Cult of Mac; and Cult of iPod. Leander has written for Wired, MacWeek, Scientific American, and The Guardian in London. Follow Leander on Twitter @lkahney and Facebook.

(sorry, you need Javascript to see this e-mail address)| Read more posts by .

Posted in Apple, iPhone, News, Software |