Tech

Apple plugs iPhone SMS hole

The company has issued a patch for an SMS flaw revealed at the Black Hat security conference that could enable an attacker to take complete control over an iPhone

Written by Larry Dignan, Contributor Aug. 3, 2009 at 12:52 a.m. PT

Apple has plugged an SMS flaw that could enable an attacker to take complete control over an iPhone.

Researchers Charlie Miller and Collin Mulliner said at the Black Hat security conference that an attacker could use the SMS exploit to make calls, swipe data and send text messages. The attack was enabled by a memory corruption bug in all iPhone operating systems.

Apple was notified of the problem six weeks ago, but did not deliver a patch. That changed on Friday when Apple patched CVE-2009-2204.

Apple said: "A memory corruption issue exists in the decoding of SMS messages. Receiving a maliciously crafted SMS message may lead to an unexpected service interruption or arbitrary code execution. This update addresses the issue through improved error handling."

Editorial standards

Show Comments

Apple plugs iPhone SMS hole

Related

I've used every iPad since the original. Here's my buying advice for the new 2024 models

5 ways to make your Echo Show less annoying

Four reasons to buy the Apple's 2024 iPad Pro (especially if you own an older model)