The BBC News is reporting that the UK network operator 02, is reporting that Apple is in the process of releasing a software patch to prevent the iPhone from being hacked. But at the end of the article the BBC News says that Apple was not available for comment. So the BBC News is banking on the fact that 02 is right.
On a serious note it is about time that Apple fix the problem that can result in the iPhone being hijacked by a modified SMS message. This flaw was brought to the attention of Apple over a month ago and they have sat on their hands. According to the article it also states that:
Charlie Miller and Collin Mulliner told the Black Hat conference in Las Vegas that the hack works by slightly modifying the data – sent by the network and which the user does not see – that arrives as part of a text message.
The system that processes such messages is similar across different operating systems and can, once compromised, gain access across a range of applications including a phone’s address book or camera.
The team say that hackers could develop programs to exploit the weakness in as little as two weeks, but told the conference that publicising the means of attack was necessary to ensure the problem was addressed.
“If we don’t talk about it, somebody is going to do it silently. The bad guys are going to do it no matter what,” Mr Mulliner, an independent security expert, said.
The team wrote software to exploit the weakness, targeting iPhones on four networks in Germany as well as AT&T in the US. However, they believe it would work equally well in any country.
The approach is particularly dangerous because messages are delivered automatically, and users cannot tell that they have received the malicious code.
The article also states that the patch will be released through iTunes on Saturday. The exploit also targets Google’s Android and Windows Mobile.