On Thursday, at the Black Hat cybersecurity conference in Las Vegas, two researches will reveal a bug which allows an attacker to take control over the victim’s iPhone by sending a couple of SMS messages.
If you’re the victim, you will probably see an SMS message containing a single square character. Charlie Miller and his colleague Collin Mulliner, who discovered the bug, say that the only thing you can do to protect yourself is turn off your iPhone.
If you don’t, the consequences can be serious. The remote attacker can dial the phone, open web sites in the phone’s browser, turn on the camera and microphone; in short, he or she can take complete control of your iPhone.
Do we really have to be scared? Well, it depends. According to Forbes, Miller and Mulliner have notified Apple about this vulnerability, and the company still hasn’t released a patch. If this bug is for real, it will get exploited in the wild fast, and the threat will become very real for end users.
Miller and Mulliner plan to showcase a couple of other security vulnerabilities tomorrow, some of which affect Windows Mobile and Android (Android) phones.