updated 03:25 pm EDT, Wed July 29, 2009
iPhone SMS vulnerability
Apple has yet to fix a key iPhone vulnerability the day before it is publicly exposed, notes security researcher Charlie Miller. At the beginning of July, Miller announced the preliminary details of an SMS exploit which could theoretically be used to assume control over a remote iPhone. That exploit has now been brought to fruition, the researcher says, and will be detailed in full -- as planned -- at this Thursday's Black Hat conference in Las Vegas.
Although Apple has been made aware of the problem, and promised a fix by the end of the month, it has yet to release updated iPhone firmware with just days remaining until August. The iPhone may not be unique in its vulnerability; another Black Hat presentation by Zane Lackey and Luis Miras is set to show a similar exploit possible on a wider basis. Apple has not commented publicly on the matter since Miller's initial announcement.