Filed under: Apple, Security, iPhone
O2: SMS security flaw on iPhone to be patched Saturday
Yesterday's news from the Black Hat Technical Security Conference in Las Vegas about the SMS security flaw affecting iPhone, Android, and Windows Mobile smartphones was a bit unnerving. Through skillful manipulation of SMS messages, an attacker could gain control of a smartphone.BBC News reports that UK mobile provider O2 has received word from Apple about a patch for the security flaw on the iPhone. The patch, in the form of a software update, will be available Saturday, August 1, 2009. As with all updates to the iPhone, the security patch will appear in iTunes.
Considering the potential for mischief on the part of hackers, it is entirely possible that AT&T, O2, and other carriers will notify their customers of the availability of the update. Whether or not that message will come through SMS remains to be seen.
Be sure to keep an eye on TUAW or our Twitter feed (http://twitter.com/tuaw) tomorrow and we'll notify you as soon as the patch makes an appearance.
UPDATE: iPhone OS 3.0.1 is now available for download from iTunes. 297.9MB in size.
![TUAW [Cafepress]](http://www.blogsmithmedia.com/www.tuaw.com/media/tuaw-cafepress-promo.png)
Reader Comments (Page 1 of 1)
Chris l said 12:50PM on 7-31-2009
It would be even nicer if the carriers would simply block suspicious messages.
Reply
Mike said 1:13PM on 7-31-2009
Ya. Whatever happened to allowing acceptable characters, and blocking everything else.
William said 1:24PM on 7-31-2009
Steven, I thought Google had already patched Android's version of this SMS vulnerability? And I thought on the Windows Mobile side, it only affected those with certain HTC software, not just any Windows Mobile device?
I wonder if Apple is scrambling to put out a patch now only because the iPhone's vulnerability has been made public, since they've known about it for several weeks and haven't released a patch. Seems a bit much to be coincidence.
Reply
James Donevan said 1:36PM on 7-31-2009
@William "I wonder if Apple is scrambling to put out a patch now only because the iPhone's vulnerability has been made public"
Of course they're scrambling to get it out due the adverse publicity. Does anyone really care as long as the patch is out?
Reply
Jack Welde said 1:37PM on 7-31-2009
I'm wondering if this patch will also have the undesirable effect of removing the tethering hack... hope not.
Reply
Addiction Anaylst said 2:48PM on 7-31-2009
I hope that this is handled and does not become the Apples' Achilles heel. My business loves our iPhones.
Reply
UoMDeacon said 1:56PM on 7-31-2009
Patch is out now. Just got notice through iTunes that it was available.
Reply
J said 2:02PM on 7-31-2009
3.0.1 is out in iTunes.
As always, waiting for confirmation that it can be jailbroken and that the MMS mod will still work before upgrading.
Reply