So you just bought a new iPhone 3GS and checking out all the neat features. Keeping it safe is becoming easier thanks to its ability to be tracked by GPS if stolen. And don't you like how you can use voice control to launch certain applications with the sound of your voice? Lots of great stuff on the iPhone, but there seems to be a loophole that exploits a vulnerability in the way it handles messages received through SMS. Apple isn't sitting still and feverishly working on a fix for it. Basically a hacker can remotely install and run unsigned software code with root access to the phone. Charlie Miller, an authority on MacOS X security, mentioned it during a conference in Singapore on Thursday. He did not provide specifics on it because he has an agreement with Apple on the matter. So all those features that you found so wonderful can be used against you. The malicious code could do a number of things like track your location via GPS, record or listen in to your phone conversations, or make the phone a botnet. Apple is expecting to have a patch completed by the end of the month – just in time before Miller presents his findings in greater detail at the Black Hat USA conference in Las Vegas.
via Apple Insider