iPhone update fixes ‘SMS of death’ vulnerability

iPhone SMS
Apple has released an update to its iPhone operating system to protect against a vulnerability that could potentially allow criminals to hijack users’ phones with malicious intent.

The flaw, which relies upon hackers sending booby-trapped SMS messages to the intended victim, was demonstrated at the BlackHat conference in Las Vegas earlier this week, generating much publicity for security researchers Charlie Miller and Collin Mulliner who uncovered the problem.

The good news is that it’s not believed that any hackers have yet exploited the vulnerability in a malicious attack. But clearly Apple realised that there was a genuine danger of cybercriminals using the exploit for their own ends. Certainly the headlines about the iPhone flaw would have caught the attention of some malicious hackers, so it’s good to see that Apple has now released a fix.

Apple’s iPhone OS 3.0.1 update claims to fix the vulnerability through improved error-handling:

Details of iPhone SMS vulnerability from Apple

To update your iPhone, plug it into your computer and choose the “Check for Update” option in iTunes.