Apple fixing acute SMS vulnerability in iPhone OS
Apple is working to fix a serious bug in the iPhone's SMS functionality, according to Charlie Miller. He added that security-conscious users should avoid jailbreaking their iPhones. The bug can lead to arbitrary code execution.
Miller has not yet disclosed details of the bug, under an agreement with Apple, although he and Vincenzo Iozzo will detail it later at the Black Hat security conference in Las Vegas.
In a presentation at the SyScan security conference in Singapore, Miller explained how a vulnerability in the iPhone's handling of SMS messages makes it possible to send code instead of text. Despite SMS's 140-byte size restriction, the iPhone can reassemble larger messages that were split to fit the limit, which allows larger programs to be delivered. Because the iPhone can be instructed to treat SMS data as code instead of text, the code can run without any user interaction and with root privileges. The vulnerability makes it possible to turn off the built-in signed-code check and load unsigned libraries into iPhone OS.
This would let an attacker load an entire shell environment and take complete control of the device, including full access to any data stored on it. Last month, Miller told Ars that he had not confirmed whether the vulnerability exists in iPhone OS 3.0; still, Apple is working on the bug. Judging by iPhone OS 3.1, currently in beta, it exists in the latest version, despite Apple having patched 46 other potential security issues in the update.
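A defensive take on the reassembly step described above, as an added example that is not from the article, Miller's presentation or Apple's code: it validates each segment's concatenation header (field layout per 3GPP TS 23.040) before joining payloads. The function names, the `MAX_PARTS` cap and the sample segments are assumptions made for illustration, and the code does not model the undisclosed bug.

```python
# Added example: defensive reassembly of concatenated SMS segments.
MAX_UD = 140            # user-data bytes per SMS, the limit the article cites
IEI_CONCAT = 0x00       # 3GPP TS 23.040 concatenation element, 8-bit reference
MAX_PARTS = 16          # hypothetical local policy cap, not a protocol value

class SegmentError(ValueError):
    """Raised for any segment that fails validation."""

def parse_segment(ud: bytes):
    """Return (ref, total, seq, payload) from user data starting with a UDH."""
    if not 1 <= len(ud) <= MAX_UD:
        raise SegmentError("user data length out of range")
    end = 1 + ud[0]                      # first byte is the header length
    if end > len(ud):
        raise SegmentError("header length exceeds user data")
    pos, concat = 1, None
    while pos < end:
        if pos + 2 > end:
            raise SegmentError("truncated information element")
        iei, ielen = ud[pos], ud[pos + 1]
        pos += 2
        if pos + ielen > end:
            raise SegmentError("element overruns header")
        if iei == IEI_CONCAT:
            if ielen != 3:
                raise SegmentError("bad concatenation element length")
            concat = tuple(ud[pos:pos + 3])
        pos += ielen
    if concat is None:
        raise SegmentError("no concatenation element")
    ref, total, seq = concat
    if not (1 <= total <= MAX_PARTS and 1 <= seq <= total):
        raise SegmentError("sequence fields inconsistent")
    return ref, total, seq, ud[end:]

def reassemble(segments):
    """Join the segments of one message; reject mixed refs, duplicates, gaps."""
    parts, key = {}, None
    for ud in segments:
        ref, total, seq, payload = parse_segment(ud)
        key = key or (ref, total)
        if (ref, total) != key or seq in parts:
            raise SegmentError("segment mismatched or duplicated")
        parts[seq] = payload
    if key is None or len(parts) != key[1]:
        raise SegmentError("message incomplete")
    return b"".join(parts[i] for i in range(1, key[1] + 1))

# Constructed sample: two segments of one message, delivered out of order.
SAMPLE = [bytes([5, 0, 3, 0x2A, 2, 2]) + b"world", bytes([5, 0, 3, 0x2A, 2, 1]) + b"hello "]
```

Every length and index is checked against the bytes actually received before it is used, so a malformed segment is rejected rather than trusted.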
On countless occasions, Miller has noted that iPhone OS has good security features as well as popularity. Its individual application sandboxes and code-signing requirements create a secure environment, though so far these have not been targeted by attackers. He also said during his SyScan presentation that a side effect of jailbreaking an iPod touch or iPhone is that it removes around 80% of these protections, a security concern that users should know about and a reason to avoid jailbreaking.
Apple is expected to have a fix for the SMS issue this month, before Miller and Iozzo detail it at the Black Hat conference, scheduled for 25 July. It has not yet been confirmed whether the patch will arrive as iPhone OS 3.1 or as a separate 3.0.x point release.

