A UK based carrier told BBC today that Apple will trying to remove a serious security fault in their iPhone. This iPhone security flaw will give hacker opportunity to disable or take control of the device.
Although Apple and AT&T have not said anything about device’s security flaw. Apple will launch this patch on Saturday via iTunes. Charlie Miller is the man who have presented the flaw at Black Hat security conference. A remote hacker can disable or take over iPhone by sending them a series or hundreds of hidden SMS. A square character only appears in the last message.
The flaw is well known common bug named as “buffer overflow.” It will fill data into a protected area beyond its capacity. This overflow of buffer will give access to hacker to the information that is outside of the protected area. The myth behind is that Smartphone can take binary data in its text message. This data can be executed as a logical program on the iPhone.
Miller said the bug could be used to execute “arbitrary code” – i.e. letting hackers run programs on remote phones – but he only demonstrated an ability to knock a phone off-line.
Miller only put a iPhone in off-line mode in his demonstration. He said that the flaw can used by running an arbitrary code, mean hacker can run programs on remote phones. Miller has warned Apple in July regarding this issue. The same issue is also reported in Android and Windows Mobile phones by Miller. Although Google has released the patch for Android flaw but for Windows Mobile patch is not available yet.