Specifically, the vulnerability lies in the way the iPhone receives and processes text messages sent over the Short Message Service (SMS). An attacker can exploit weaknesses in how the handset parses the binary data carried in an SMS message.
If exploited, the SMS flaw could let an attacker track the victim's location via GPS, run arbitrary code on the phone (for example to mount a denial-of-service attack or enlist the device in a botnet), or eavesdrop on conversations. Because the flaw sits in the handset's handling of incoming messages, the attacker needs only the victim's phone number; unlike browser-borne attacks, which rely on the victim visiting a malicious Web site or clicking a malicious link (typically via a social-engineering ploy), the victim need take no action beyond receiving the message.
The iPhone flaw was discovered by security researcher Charlie Miller, who presented it at the SyScan conference in Singapore on Thursday. He plans to discuss the bug in more detail at the upcoming Black Hat USA 2009 conference, according to a blog post from security vendor Intego.
Meanwhile, Apple is working on a security patch and hopes to ship it before Miller's Black Hat presentation at the end of July.
Miller, an authority on Mac OS X, is a co-author of "The Mac Hacker's Handbook." He recently compromised Mac OS X during the Pwn2Own contest held at the CanSecWest security conference in Vancouver, B.C.
During his SyScan presentation, Miller said the flaw can be used to "jailbreak" the phone, according to the Intego blog post. Jailbreaking removes Apple's restriction that only Apple-signed code may run, allowing the installation of third-party software not distributed through the iTunes App Store, including cracked applications.
Users who jailbreak an iPhone can also use the device on a carrier other than AT&T, Apple's exclusive carrier. The difference here is that the SMS vulnerability lets a remote attacker, rather than the phone's owner, gain that level of control over the handset.
Despite the SMS flaw, Miller said the stripped-down version of Mac OS X that runs on the iPhone is more secure than the full desktop operating system, because it does not support Adobe Flash or Java, two plug-ins that frequently expose devices to attack. In addition, the iPhone has security hardware built in to protect its stored data, and it is designed to run only code signed by Apple.
While Apple does not publish severity ratings for its security flaws, the iPhone SMS vulnerability would be deemed "critical" under the usual industry criteria because it can be exploited remotely without user interaction.