Charlie Miller revealed an attack on Apple iPhones that is launched simply by sending an iPhone a text message. (Also called SMS message.)
Mr. Miller is discussing this vulnerability at the ongoing annual Defcon / Black Hat conference in Las Vegas. He claims that possible damage ranges from a simple crash, through hijacking of all phone functions, to broadcast of the malicious text to all numbers in the iPhone’s contacts list. (It sounds like another buffer overrun vulnerability: the device gags as it tries to process more data than it can handle, and sends the CPU’s instruction pointer to an undefined address in memory . . . where apparently malicious code awaits.)
Mr. Miller notified Apple of the vulnerability, and Apple is presumed to be working on a patch. Supposedly they’ve known of the vulnerability for weeks, yet they’ve made no official statement on this topic.
In the meantime, iPhone users are urged to look for text messages that end with a single square character: if an iPhone user receives such a mesage, he/she is urged to immediately turn off the iPhone. (If it were me, I’d remove the battery . . . oops! You can’t, on an iPhone.)
Read more here: http://www.daniweb.com/blogs/entry4593.html# or http://www.computerweekly.com/Articles/2009/07/31/237129/iphone-vulnerable-to-hackers.htm or use Google for the latest news.