IDG News Service - Apple Inc. has just over a day left to patch a bug in its iPhone software that could let hackers take over the iPhone just by sending out an SMS (Short Message Service) message.
The bug was discovered by noted iPhone hacker Charlie Miller, who first talked about the issue at the SyScan conference in Singapore. At the time, he said that he had discovered a way to crash the iPhone via SMS, and that he thought the crash could ultimately lead to working attack code.
Since, then he has been working hard, and he said he's able to take over the iPhone with a series of malicious SMS messages. In an interview Tuesday, Miller said he will show how this can be done during a presentation at the Black Hat security conference in Las Vegas on Thursday with security researcher Collin Mulliner.
"SMS is an incredible attack vector for mobile phones," said Miller, an analyst with Independent Security Evaluators. "All I need is your phone number. I don't need you to click a link or anything."
Miller reported the flaw to Apple about six weeks ago, but the iPhone's maker has yet to release a patch for it. Apple representatives could not be reached for comment, but the company typically keeps quiet about software flaws until it releases a patch.
If it does release a pre-Black-Hat patch, Apple will not be alone. Microsoft Corp. had to scramble to put out an emergency fix for a flaw in its Active Template Library (ATL), which is used to build ActiveX controls. That "out-of-cycle" patch was released Tuesday, ahead of another Black Hat presentation on that particular vulnerability.
Miller's attack doesn't pop up shellcode -- the basic software attackers use as a steppingstone to launch their own programs on a hacked machine -- but it lets him control the instructions that are within the phone's processor. With some more work, someone could take this exploit and run shellcode, Miller said.
Although it's an old technology, SMS is emerging as a promising area of analysis as security researchers use the powerful computing capabilities of the iPhone and Google Inc.'s Android software to take a closer look at the way SMS works on mobile networks.
On Thursday, two other researchers, Zane Lackey and Luis Miras, will show how they can spoof SMS messages that would normally only be sent by a carrier's servers. This type of attack could be used to change someone's phone settings simply by sending him an SMS message.
Miller believes that more SMS bugs are likely to emerge. To help find them, he and Mulliner have developed an SMS "fuzzing" tool that can be used to hammer a mobile device with thousands of SMS messages without actually sending the messages over the wireless network (a costly endeavor).
The tool, which he calls the Injector, runs on the iPhone, Android-based devices and Windows Mobile phones.
The tool inserts itself between the phone's computer processor and the modem and makes it look like the SMS messages are coming through the modem when in fact they're being generated by the phone.
- Apple's CarPlay vs. MirrorLink: Is there a need for both?
- Apple's CarPlay to spark mobile apps war in your car
- iTunes is almost as big a biz as OEM Windows
- Icahn says 'I can't' and stops $50B fight over Apple stock buyback
- Lenovo-Moto deal's impact on Apple? Zip
- Office 365 turns one, but success is tough to tally
- Everyone bets on bigger iPhone for '14
- Apple's iPod business collapses as revenue becomes a rounding error
- Update: More than 1B smartphones were shipped in 2013
- Cook admits Apple blew the call on the iPhone 5C
- 15 Non-Certified IT Skills Growing in Demand
- How 19 Tech Titans Target Healthcare
- Twitter Suffering From Growing Pains (and Facebook Comparisons)
- Agile Comes to Data Integration
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- The 12 PCI DSS 3.0 requirements addressed by Peer 1 Hosting This handy quick reference outlines the 12 PCI DSS 3.0 requirements, who needs to be compliant and how Alert Logic solutions address the...
- Defense Throughout the Vulnerability Life Cycle This whitepaper provides insight into how to leverage threat and log management technologies to protect your IT assets throughout their vulnerability life cycle.
- Mobile Policy Checklist Here's what to consider when putting together a mobile policy designed to support a highly productive workforce.
- Securing BYOD Mobile computing is becoming so ubiquitous that people no longer bat an eye seeing someone working two devices simultaneously. Individuals and organizations are...
- Live Webcast On-demand webinar: "Mobility Mayhem: Balancing BYOD with Enterprise Security" Check out this on-demand webinar to hear Sophos senior security expert John Shier deep dive into how BYOD impacts your enterprise security strategy...
- Live Webcast Endpoint Backup & Restore: Protect Everyone, Everywhere Arek Sokol from the bleeding-edge IT team at Genentech/Roche explains how he leverages cross-platform enterprise endpoint backup in the public cloud as part...
- Streamline Software Asset Management, Compose a software Management Symphony Keeping track of your organization's software is easy with effective software management solutions from CDW. View the videos in our software solutions channel
- Druva inSync: Endpoint Data Protection & Governance CLICK HERE to watch this video about protecting corporate data on laptops and mobile devices, sponsored by Druva. All Security White Papers | Webcasts