As any other applications, the software platforms which power the mobile devices like iPhone, Android and Windows Mobile are vulnerable to viruses. By using a fuzzing based test method, the security experts Charlie Miller and Collin Mulliner have injected SMS messages locally in an iPhone, without the need of a mobile operator network and have demonstrated how a virus can be enabled on an iPhone device in the absence of phone user participation, just by receiving a SMS.

Earlier this month, the above mentioned security experts have reported to Apple the security vulnerability discovered in case of iPhones, when a user device can be controlled by a hacker only by the sending of a SMS message to the targeted phone.

The SMS sent to the iPhone contains the necessary code to crash the device. More specifically, the existing iPhone security flaw permits to a hacker to control the mobile device remotely, such that the attacker gains total control of the phone’s camera or Safari browser and in the same time is able to send messages containing the same virus to the persons existing in the phone’s address book.

According to Mashable, until a patch will be realeased to fix this major security flaw of Apple iPhone devices, in order to avoid a possible infection, you are strongly advised to turn off the phone if you receive offending text messages containing only a single square character.

Another method to prevent SMS viruses to enter in your iPhone is to disable the SMS App and keep the mobile device always on before a patch will be available. A quick tutorial on how to disable the SMS App on the iPhone can be read here.

The same security vulnerability also exist in case of Android and Windows Mobile devices. Having in view that the virus recipe was made already public, in the next weeks you should expect to be the target of attacks based on SMS messages. Don’t forget, if the attack succeeds, your phone will be in the total control of the attacker. Until the present moment, an official patch to fix this security leak of the iPhone software was not yet released.

For further information, check the article published by Charlie Miller and Collin Mulliner:

Tags: Apple, Hot News, Mac OS X, Operating Systems, security, Web Browsers, Web Security

Related Articles

• Tweetdeck: The iPhone App And Beta Version Of Desktop Client Was Launched (0)
• iPhone OS 3.0 Is Ready For Free Download (0)
• Tiny Core Linux 2.1 Uses Just 48 MB RAM At Boot (0)
• Photobucket Has Visual Search (0)
• Microsoft Security Essentials Beta: Official Release (0)
• Macpup Opera: The Fastest Child Of Puppy Linux (2)

This entry was posted on Friday, July 31st, 2009 at 11:23 am and is filed under Operating Systems, Web Browsers, Web Security. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.