In association with heise online

01 August 2009, 17:56

Apple closes hole in iPhone SMS

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

Apple has released iPhone firmware 3.0.1, as a security update. The update closes a vulnerability in the processing of SMS messages. The vulnerability was among a number of presentations at the Black Hat Conference concerning mobile phone security weaknesses.

By sending a multi-part SMS message, but not posting all parts of that message, it is possible to manipulate the internal heap of the iPhone. This could cause the phone to crash or, in theory, execute arbitrary binary code. The update is available to download and install by using iTunes and selecting an iPhone in the devices list and then selecting "Check For Update" on that page.


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit