01 August 2009, 17:56
Apple closes hole in iPhone SMS
Apple has released iPhone firmware 3.0.1, as a security update. The update closes a vulnerability in the processing of SMS messages. The vulnerability was among a number of presentations at the Black Hat Conference concerning mobile phone security weaknesses.
By sending a multi-part SMS message, but not posting all parts of that message, it is possible to manipulate the internal heap of the iPhone. This could cause the phone to crash or, in theory, execute arbitrary binary code. The update is available to download and install by using iTunes and selecting an iPhone in the devices list and then selecting "Check For Update" on that page.
(djwm)
Print Version | Send by email
| Permalink: http://h-online.com/-742761
![Kernel Log: Coming in 3.10 (Part 3) [--] Infrastructure](/imgs/43/1/0/4/2/6/7/2/comingin310_4_kicker-4977194bfb0de0d7.png)
![Kernel Log: Coming in 3.10 (Part 3) [--] Infrastructure](/imgs/43/1/0/4/2/3/2/3/comingin310_3_kicker-151cd7b9e9660f05.png)
