Skip to content

iPhone OS 3.0.1 Released to Fix Serious SMS Flaw

July 31, 2009

Apple Patches iPhone SMS Vulnerability

Apple on Friday released iPhone Software Update 3.0.1, which fixes the SMS vulnerability demonstrated at the Black Hat security conference on Thursday. Earlier on Friday, U.K. wireless operator O2 said Apple would release the fix on Saturday.

The flaw, disclosed by security researchers Charlie Miller and Collin Mulliner, could have allowed a vulnerable phone, such as an iPhone, to be taken over remotely. Apple attributes the flaw in the CoreTelephony framework to a memory corruption issue in the decoding of SMS messages, and credits the find to Miller and Mulliner.

The hefty software update–yes, even an update with just one fix means downloading the entire OS again–is available via iTunes; the exact size varies depending on which version of iPhone is being updated. iPhone users can get the update by connecting their phones to their computers and clicking the “Check for Update” button in iTunes.

Once again, the world is safe for text messaging–well, unless you’re texting while driving; Apple has still issued no patch for stupidity. Now we can move on to other pressing issues, like when exactly AT&T will deign to roll out the multimedia messaging we’ve all been waiting for since June.

To download the 3.0.1 security update, connect the iPhone to your computer, open iTunes if needed, click on the “Check for Updates” button and, follow the on-screen instructions.

Add to FacebookAdd to NewsvineAdd to DiggAdd to Del.icio.usAdd to StumbleuponAdd to RedditAdd to BlinklistAdd to TwitterAdd to TechnoratiAdd to Furl

No comments yet

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: