Apple was quick to release a firmware update for the iPhone on Friday to fix an SMS exploit that was revealed at Black Hat 2009, the hacking and security conference held in Las Vegas.

At the event, security experts Colin Mulliner and Charlie Miller demonstrated to the audience how the smartphone could be hacked using simple SMS text messages. The result of the hack would be that smartphones could be vulnerable to spam text messages, reconfigured using malicious code or just shutdown. In the most severe of circumstances, the code could be used to turn the phone into a spying device and steal data. The risk of a large viral outbreak was also present as malicious code could be executed to send additional spam messages to all the addresses in the contact list.

Black Hat 2009 was not intended to be where this vulnerability was to be revealed. Mulliner and Miller had approached Apple officials in early July regarding this exploit with no response.

Since going public with their findings, Apple has released the 3.0.1 firmware update. The 300MB update for the iPhone, iPhone 3G and iPhone 3GS is available through iTunes. The update contains only the SMS patch, there are no additional code fixes or enhancements.

Interestingly, this hack is not limited to just Apple products as Windows mobile and Google Android have similar weaknesses. Google has already patch their system while Microsoft representatives said they are investigating the matter.

[Source]