Feeds

Apple patches Black Hat SMS vuln

Claims 24 hour turnaround

Boost IT visibility and business value

Yesterday, The Reg reported that researchers had discovered a vulnerability in the iPhone and other mobile devices that made them vulnerable to an SMS hack.

This morning, Apple fixed it.

Apple spokesperson Tom Neumayr told The Reg about the fix when we contacted him after the BBC reported that O2 had said a fix was on the way.

According to Neumayr:

We appreciate the information provided to us about SMS vulnerabilities which affect several mobile phone platforms. This morning, less than 24 hours after a demonstration of this exploit, we've issued a free software update that eliminates the vulnerability from the iPhone. Contrary to what's been reported, no one has been able to take control of the iPhone to gain access to personal information using this exploit.

It should be said, however, the vuln was first discussed by security researcher Charlie Miller, principal analyst at Independent Security Evaluators, three weeks ago. Miller is credited by Apple, along with Collin Mulliner of Technical University Berlin, for reporting the vuln.

Although we're not among those who reported that the vuln had been used to bag anyone's personal info, we're still quite pleased that the 297.9MB iPhone 3.0.1 update loaded swimmingly onto our own personal iPhone 3GS.

iTunes iPhone 3.0.1 info dialog

One of the more straightforward update descriptions we've seen in quite some time

To access the fix, connect your iPhone to iTunes as per usual, and click Check for Update. Or you could simply wait until iTunes does its automatic weekly self-check.

But, as always, better safe than sorry. ®

Boost IT visibility and business value

More from The Register

next story
USA to insist on pre-flight mobe power probe
Prove it works or it can't come aboard flights to USA
Computing student jailed after failing to hand over crypto keys
Sledgehammer once again used to crack a nut
Brit celebs' homes VANISH from Google's Street View
Tony Blair's digs now a Tone-y Blur
Doctor Who season eight scripts leak online
BBC asks fans to EXTERMINATE copies before they materialise
Insecure AVG search tool shoved down users' throats, says US CERT
Sneaky 'foistware' downloads install things you never asked for
New NSA boss plays down impact of Snowden leaks
You have not heard me say 'OMG, the sky is falling'
'I don't want to go on the cart' ... OpenSSL revived with survival roadmap
Heartbleed-battered crypto library reveals long path back to health
MONSTER COOKIES can nom nom nom ALL THE BLOGS
Blog networks can be force-fed more than they can chew
prev story

Whitepapers

How modern custom applications can spur business growth.
In this whitepaper learn how to create, deploy and manage custom applications without consuming or expanding the need for scarce, expensive IT resources.
The Power of One eBook: Top reasons to choose HP BladeSystem
Only the Power of One delivers leading infrastructure convergence, availability and scalability with federation, and agility through data center automation.
The Essential Guide to IT Transformation
ServiceNow discusses three IT transformations that can help CIO's automate IT services to transform IT and the enterprise.
Maximizing your infrastructure through virtualization
Virtualization continues to be one of the most effective ways to consolidate, reduce cost, and make data centers more efficient.
Build a Business Case: Developing Custom Apps
In this whitepaper learn how to maximize the value of custom applications by accelerating and simplifying their development.