July 30, 2009 by Matt
At the Black Hat conference yesterday, hacker Charlie Miller demonstrated that exploit vulnerabilities in the iPhone and other smartphones. Previously announced in early July, Miller said further investigations were to be made and it seems he has concluded his research as he showed his capability to cripple the device using crafted sms messages.
In the demonstration, Miller used multi-part sms’, but didn’t send them all. This allows the iPhone’s internal heap to be manipulated so that a further sms can set the program counter which in turn tells the phone which step to execute next. This leaves both original & jailbroken iPhones open to the vulnerability.
Miller suspects the worm exploits can distribute the attack via the contact list making an easy way of infecting hundreds of thousands of iPhone users. Today’s presentation will address this issue, with Colin Mulliner – an iPhone Security Specialist.
- New iPhone Safari remote execution DoS exploit locks up your iPhone by simply visiting a malicious page
- Remote iPhone Denial of Service vulnerability exploit attacks 16GB iPhones (and 32GB Apple iPod Touch)
- Another iPhone DoS exploit discovered, maybe?
Sign up to receive latest iPhone World news and updates via e-mail, RSS, Twitter or Facebook!