Apple warns iPhones vulnerable; fixes bug
Apple releases an iPhone software patch to fix a critical software bug uncovered by researchers
Apple Inc has released an iPhone software patch to fix a critical software bug uncovered by two independent researchers that make the devices susceptible to secret attacks by hackers.
Apple said on Friday that customers need to download the patch onto their computer using iTunes, then install it on their iPhone by connecting the device to the computer.
While Apple has issued the patch, the flaw remains a problem until millions of iPhone users upgrade their software. In the meantime, criminal hackers may try to exploit the flaw to commit cybercrimes.
News of the flaw surfaced on Thursday when researchers Charlie Miller and Collin Mulliner discussed the vulnerability at the Black Hat conference in Las Vegas, one of the world's most prominent security conventions. They found the bug while looking for vulnerabilities in the SMS communications system, which mobile devices use to send and receive text messages along with software upgrades.
"There's a real urgency for people to update their iPhones because of this wave of publicity. The race is on between those fixing the vulnerability and attackers seeking to exploit the issue," said Joris Evers, a spokesman for No. 2 security software maker McAfee Inc.
Miller and Mulliner showed the audience at Black Hat how to break into iPhones by sending computer code via the phone's SMS system. They said that the phone's users cannot detect that it is receiving the malicious code.
They warned Apple of the flaw on July 18. The two said they decided to go public with their discovery in a bid to warn iPhone users of the potential risk and also pressure Apple to come up with a quick fix.
About 4,000 security professionals were in attendance at Black Hat, including some who are really hackers. While experts ferret out software flaws to fix them and protect users, hackers use the same information to devise pranks or commit crimes.
It is not illegal to disclose ways to hack into computer systems, though it is against the law to use it to break into them.
Apple sold 5.2 million iPhones in its most recent quarter. The smartphone is its most important growth driver. (Reuters)