Aug 1, 2009

Apple releases iPhone firmware 3.0.1, fixes SMS flaw

Apple has responded to the security alert reported yesterday about the iPhone being vulnerable by SMS, where a hacker could lock up your iPhone, rending it useless, or even take control over it remotely.

Apple has released a patch for the SMS vulnerability, available immediately on iTunes. The firmware update, labeled as 3.0.1, contains only an update for the SMS attack. In the description of the update on Apple.com describes the update as:

A memory corruption issue exists in the decoding of SMS messages. Receiving a maliciously crafted SMS message may lead to an unexpected service interruption or arbitrary code execution. This update addresses the issue through improved error handling. Credit to Charlie Miller of Independent Security Evaluators, and Collin Mulliner of Fraunhofer SIT for reporting this issue.

The update is available for all iPhone users, including first generation, iPhone 3G and iPhone 3GS.



No comments:

Boorkmark & Share

Bookmark Options