Indefatigable hacker Charlie Miller has found a serious flaw in the iPhone, one that has Apple scrambling to get it fixed. Miller found a vulnerability in the way the iPhone handles text messages (SMSs), and Miller – who recently said “no more free bugs” – apparently has been working with Apple to help fix the flaw.
Reported by Infoworld, this bug,
allows an attacker to run software code on the phone that is sent by SMS over a mobile operator’s network. The malicious code could include commands to monitor the location of the phone using GPS, turn on the phone’s microphone to eavesdrop on conversations, or make the phone join a distributed denial of service attack or a botnet.
Miller will be presenting more information about this flaw at the coming Black Hat security conference, later this month. In the meantime, Apple is hoping to have a patch for this vulnerability by the end of the month. Discussing this flaw, Miller said, “The iPhone is more secure than OS X, but SMS could be a critical vulnerability.”