Apple fixing iPhone SMS security hole

          This month Apple expects to have a fix later for a vulnerability in the iPhone that could allow an attacker to gain device control remotely via SMS (short message service), a security researcher said on Thursday.
         In a presentation at the SyScan conference Charlie Miller, co-author of The Hacker’s Handbook and principal security analyst at Independent Security Evaluators, said in Singapore that the way iPhones handle SMS messages to do things like use GPS to track the phone’s location could be used by an attacker. It helped the microphone to eavesdrop or the device to be taken control. IDG News Service covered the presentation.
         Miller was barred from providing too much detail on the vulnerability under an agreement with Apple. At the end of the month he was going to give a more details on the hole at the Black Hat conference in Las Vegas.
         Miller said although the SMS hole could be a critical vulnerability, the iPhone is more secure on computers than OS X. Miller thougut the Adobe Flash and Java are not supported by iPhone and Apple only runs software digitally. Therefore the hardware will protect for data stored in memory, and run applications in a sandbox.
         Apple representatives did not respond to an e-mail request for comment immediately.

Inquire Now