(BN) Apple Releases Software to Fix IPhone Security Flaw (Update2)

[David Farber <dave () farber net>]

Begin forwarded message:

From: "CONNIE GUGLIELMO, BLOOMBERG/ NEWSROOM:" <cguglielmo1 () bloomberg net 
>
Date: July 31, 2009 5:17:47 PM EDT
To: dave () farber net
Subject: (BN) Apple Releases Software to Fix IPhone Security Flaw  
(Update2)



+ 
------------------------------------------------------------------------------+

Apple Releases Software to Fix IPhone Security Flaw (Update2)
2009-07-31 21:01:43.506 GMT


    (Adds comments from Miller starting in fourth paragraph.)

By Connie Guglielmo
    July 31 (Bloomberg) -- Apple Inc. released a free software
update that corrects a security flaw in the iPhone, a day after
a researcher showed how hackers could exploit the vulnerability
to seize control of the device.
    “No one has been able to take control of the iPhone to
gain access to personal information,” Tom Neumayr, an Apple
spokesman, said today in an interview. The vulnerability could
have let malicious code into the phone through text messages.
    Charlie Miller, an analyst with Independent Security
Evaluators, pointed out the flaw at the Black Hat security
conference this week in Las Vegas. Hackers can use the iPhone’s
software to send attacks via SMS, or short message service,
allowing them to take over the phone, he said. The glitch
represents the first major vulnerability for the iPhone, which
debuted in June 2007.
    “I could steal the record of all your text messages, I
could start sending text messages, I could start making phone
calls, I could turn on the recorder and start listening to your
messages,” Miller said in an interview today. “The problems
that could arise are pretty bad.”
    In addition to sending text messages, SMS technology can
send instructions to a device, often without the user’s
knowledge, Miller said. Mobile-phone operators use SMS to send
instructions as part of routine updates. The SMS vulnerability
requires a hacker to send about 500 unnoticed messages before a
phone can be co-opted, Miller said. He alerted Apple to the
glitch on June 18.

                           First Time

    Apple’s software update is available via iTunes, the
software that delivers applications, music and videos to the
device.
    Apple, based in Cupertino, California, rose 60 cents to
$163.39 at 4 p.m. New York time in Nasdaq Stock Market trading.
The shares have gained 91 percent this year.
    Mobile phones with software from Google Inc. and Microsoft
Corp. also have SMS vulnerabilities, Miller said in his
presentation. Google fixed its flaw several weeks ago, said Rich
Cannings, a security engineer at the Mountain View, California-
based company.
    Microsoft said it’s investigating the Windows Mobile
vulnerability demonstrated at the conference.
    “Once we’re done investigating, we will take appropriate
action to help protect consumers,” said Christopher Budd,
security response communications manager at Redmond, Washington-
based Microsoft.

For Related News and Information:
Apple earnings: AAPL US <EQUITY> CH1 <GO>
Apple earnings stories: AAPL US <EQUITY> TCNI ERN <GO>
Apple product sales: AAPL US <EQUITY> PGEO <GO>
For top technology stories: TTOP <GO>

--Editors: Nick Turner, Lisa Wolfson

To contact the reporter on this story:
Connie Guglielmo in San Francisco at +1-415-617-7134 or
cguglielmo1 () bloomberg net

To contact the editor responsible for this story:
Jonathan Thaw at +1-415-617-7168 or jthaw () bloomberg net




-------------------------------------------
Archives: https://www.listbox.com/member/archive/247/=now
RSS Feed: https://www.listbox.com/member/archive/rss/247/
Powered by Listbox: http://www.listbox.com