Security researchers Charlie Miller and Collin Mulliner on Thursday revealed a memory corruption bug that could be easily exploited by crashing an iPhone with a series of invisible text messages, which would then enable a hacker to hijack the device. From thereon, a hacker could control all the functions on the iPhone most alarmingly, he could send more text messages to hijack even more iPhones.
The researchers demonstrated the SMS security hole at the Black Hat cybersecurity conference in Las Vegas. They also demonstrated the flaw by sending an attack to crash a CNET reporters iPhone.
On Friday morning, Apple released iPhone OS 3.0.1. Available through iTunes, the update Fixes SMS vulnerability, according to its description.
We appreciate the information provided to us about SMS vulnerabilities which affect several mobile phone platforms, an Apple spokeswoman said in a phone interview with Wired.com. This morning, less than 24 hours after a demonstration of this exploit, weve issued a free software update that eliminates the vulnerability from the iPhone. Contrary to whats been reported, no one has been able to take control of the iPhone to gain access to personal information using this exploit.
Apple moved even faster than necessary to fix the problem: Miller told Wired.com it took him two and a half weeks to discover the exploit. A hacker really smart and lucky could take a few days to replicate the attack, but thats unlikely because not many people in the whole world have these skills, he said.
Still, it just takes one bad guy a couple of weeks, and every iPhone could be attacked, Miller told Wired.com in a phone interview.
Nonetheless, Jonathan Zdziarski, another iPhone security researcher, said he felt Miller sensationalized the problem with this stunt. He noted that many devices have vulnerabilities in the wild that nobody has exploited, and its unlikely a hacker wouldve devoted much energy to replicating Millers SMS attack, because there isnt much to gain beyond annoying iPhone users.
Every time we find a bug its been there for a year or more, Zdziarski said. At the very least its been six months, maybe longer.
Miller acknowledged that the iPhones SMS weakness has probably existed for years; he first discovered the flaw in iPhone OS 2.0, which launched in 2008.
The problem has been in the phone for year, but no ones known about it, he said in a phone interview Thursday. Now that its out in the open, [Apple] can fix it.
