Apple iPhone owners having trouble with SMS messages and other security breaches can now get some relief from the Cupertino, Calif.-based company in the form of an update. A hole in Apple iPhone security can now be fixed with the iPhone OS 3.0.1 update released Friday and only available through the latest version of iTunes. Apple recommends iPhone owners apply the update immediately. The security hole, first discovered by Charlie Miller, a principal security analyst with Independent Security Evaluators, enabled a hacker to run software code on the iPhone that is sent via an SMS. The code can turn on the microphone of the iPhone, allowing the hacker to listen in on conversations, or force the iPhone to become part of a denial-of-service (DoS) attack. This method does not use the wireless carrier, so it is free and invisible to the carrier. The security hacker and Collin Mulliner of Fraunhofer SIT wrote the software to exploit the security weakness,

targeting iPhones on AT&T’s network and on four different networks in Germany. Apple Aware The duo notified Apple of the security flaw earlier this month, but Apple didn’t make a patch available before Miller and Mulliner demonstrated the possibility of an attack in greater detail on Thursday at Black Hat, a security conference in Las Vegas. On Friday, Apple gave credit to Miller and Mulliner for reporting the issue; Apple released this message in an e-mail with information about its update: “A memory corruption issue exists in the decoding of SMS messages. Receiving a maliciously crafted SMS message may lead to an unexpected service interruption or arbitrary code execution. This update addresses the issue through improved error handling. Credit to Charlie Miller of Independent Security Evaluators and Collin Mulliner of Fraunhofer SIT for reporting this issue.” Security analysts say it’s unclear at this time how…

View original here: 
Apple Slow To Release Patch for iPhone Security Hole