That nasty, nasty exploit that Charlie Miller pimped for all its worth demonstrated at this week’s Black Hat conference yesterday in, where else, Lost Wages (Las Vegas), Nevada, has been patched, and that’s pretty fast turnaround for Apple. Still, it’s well nigh impossible to see any of these players in a positive light.

Ars Technica reports that Apple has, 24 hours early or not, delivered iPhone OS 3.0.1, which patches the SMS vulnerability discovered by Charlie Miller and, as noted by the mothership, Vincenzo Iozzo of Italy.

Hot on the heels of the big SMS security flaw reveal by Charlie Miller and gang at this week’s Black Hat conference, Apple has already released a patch to the iPhone OS that fixes the vulnerability. The update, iPhone OS 3.0.1, is available for all iPhone users through iTunes (just plug your iPhone in and click “Check for updates” in iTunes).

“Less than 24 hours after a demonstration of this exploit, we’ve issued a free software update that eliminates the vulnerability from the iPhone,” says Apple spokesperson Tom Neumayr. “Contrary to what’s been reported, no one has been able to take control of the iPhone to gain access to personal information using this exploit.”

A big, big update

I’ve been neurotically clicking “Check for Updates” in iTunes since learning this software became available and nothing so far. Then again, I’ve only got an original iPod touch that of course doesn’t do SMS, so maybe Apple’s trying to focus their resources on the needy or maybe it’s just taking a little while for it to propagate through the company’s massive digital infrastructure.

Whatever the case, iPhone OS 3.0.1 is about a lot more than just the aforementioned security issue and we know this because of this dot-fix’s size—a whopping 230.1MB—though we don’t have any details just yet on what those things are.

Dig in and come back and share your impressions about what’s been fixed, added and patched.

Have you noticed that hackers only give Apple et al whatever time exists between when they find an issue and when the next big conference is? So much for fairness or putting users’ interests first…

What’s your take?

Related:

Malicious website can lock up iPhone/iPod Touch and crash Safari

How to: Cache driving directions on your iPod touch

The $99 iPhone 3G is the real master stroke? Defining success…

NeuvaSync lets me keep my dates sorted

WebOS 1.2.1 fixes Palm Pre iTunes sync issue

Entry was posted on Friday, July 31st, 2009 at 5:42 pm under Firmware, Internet, News, iPhone, iPod Touch.  Print This Post

Read more entries by Ronald O Carlson.
Stumble It!