Consumer technology firm Apple issued a patch on Friday to fix a critical iPhone flaw that could have allowed attackers to execute code just by sending a specially-crafted text message.

Charlie Miller, a consultant with Independent Security Evaluators, and Collin Mulliner, a PhD student at the Technical University of Berlin, presented the details of the vulnerability at the Black Hat Security Conference in Las Vegas last week. The memory-overflow issue could allow a minor crash or remote exploitation by sending a malicious text message to the iPhone over the short message service (SMS) available on all phones.

"Receiving a maliciously crafted SMS message may lead to an unexpected service interruption or arbitrary code execution," Apple stated in its advisory. "This update addresses the issue through improved error handling."

SMS vulnerabilities appeared to be the flavor-of-the-month at this year's conferences. Google's Android smartphone operating system and Windows Mobile were also revealed to have significant SMS vulnerabilities.

Miller and Mulliner notified Apple of the flaw about six weeks ago, according to press reports.

If you have tips or insights on this topic, please contact SecurityFocus.