A security flaw has been discovered in the iPhone OS that could allow attackers to gain root access to the iPhone OS and allow them to install and execute malicious programs at will.
Charlie Miller announced the discovery of the vulnerability during a presentation at the SyScan conference in Singapore on Thursday. DailyTech explains:
The iPhone apparently automatically executes binary code sent in SMS messages. Messages are limited to 140 bytes, but this is little deterrence as longer programs can be broken up into several messages, which the phone automatically reassembles. While other applications such as the Safari browser on the phone only enjoy access to their sandbox, the SMS system is automatically granted root access, and SMS commands execute as root.
Miller wouldn't provide specific details nor would he demonstrate the vulnerability stating that he has entered under an agreement with Apple. He'd only say, "SMS is a great vector to attack the iPhone."
Update: Apple said that it will release a fix by the end July and Miller has agreed to hold off on releasing details of his attack until then. He will present the attack at the Black Hat USA 2009 conference which runs from July 25-30 in Las Vegas. Miller is the author of The Mac Hacker's Handbook.