Apple fixes SMS security hole with OS 3.0.1 - jailbreak still works

Apple released an iPhone operating system update at the weekend to fix a security vulnerability that allowed hackers to gain access to a handset by SMS.

The vulnerability was detailed by security researchers Charlie Miller and Collin Milliner at the annual Black Hat security conference on 30 July. In short, it allows a hacker to obtain low-level (‘root’) access to an iPhone, and remotely upload and executive software, simply by sending a succession of carefully crafted text messages.

Such access is possible because of a memory corruption bug in the iPhone's Messages (SMS) application and the researchers first notified Apple about the problem in June. The bug affects all iPhone models and iPhone operating systems — up to this latest update, that is. The OS 3.0.1 update that Apple released at the weekend fixes the SMS vulnerability and users should be notified of the update when they next sync their iPhone with iTunes.

It’s worth noting that Apple isn't the only manufacturer whose handsets are at risk with this hack, and Miller and Mulliner demonstrated a similar flaw on a Google Android-powered smartphone. Certain HTC-made Windows Mobile smartphones have a similar security weakness, too.

Hackers of the benevolent kind will be relieved to learn that the operating system update doesn’t prevent iPhones from being unlocked — or ‘jailbroken’ — to allow non-Apple-approved apps to be installed.

The iPhone Dev Team — inventors of the iPhone jailbreak — have reported that its 'redsn0w' and 'ultrasn0w' jailbreak programs for iPhone OS 3.0 still work on OS 3.0.1. Previous iPhone updates have closed the holes used by jailbreak software, leading some users to delay their updates until a new jailbreak is developed. Delaying a fix for such a potentially serious security hole as this SMS vulnerability is not wise, but fortunately, that’s not an issue this time around.

[Apple]