iPhone wide-open to hacks sent via text

An expert Mac hacker is warning that Apple iPhones are vulnerable to binary code attacks sent via text that could give the hacker complete control of the phone.

Charlie Miller is reportedly an authority on MacOS X security, and is a co-author of The Mac Hacker's Handbook.

Binary code can be sent to mobile devices using SMS, but normally any sent code isn’t executed.

However, Mr Miller found that the iPhone operating system processes the code automatically, and the only way to stop the phone from receiving SMS messages is to put it into airplane mode, which disables the radio completely and makes the handset useless as a phone.

“SMS is a great vector to attack the iPhone,” Mr Miller said, “as SMS can send binary code that the iPhone processes without user interaction. Sequences can be sent to the phone as multiple messages that are automatically reassembled, thereby surpassing individual SMS message limits of 140 bytes.”
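Automatic reassembly means the receiver parses sender-controlled length and sequence fields before the user sees anything. The Python below is an added example, not code from the article or from Apple, of the checks a receiver should make when joining multi-part messages; it assumes the user-data header layout from 3GPP TS 23.040, and the function names and sample bytes are constructed for illustration.

```python
# Added example. TP-User-Data layout assumed from 3GPP TS 23.040: UDHL, then
# elements (IEI, IEDL, data); IEI 0x00 = 8-bit concatenation (ref, total, seq).
MAX_USER_DATA = 140  # bytes per SMS, the limit quoted in the article

def parse_part(user_data: bytes):
    """Return (ref, total, seq, payload); raise ValueError on malformed input."""
    if not user_data or len(user_data) > MAX_USER_DATA:
        raise ValueError("bad user-data length")
    udhl = user_data[0]
    if 1 + udhl > len(user_data):
        raise ValueError("header length exceeds message")
    header, payload = user_data[1:1 + udhl], user_data[1 + udhl:]
    i, concat = 0, None
    while i < len(header):
        if i + 2 > len(header):
            raise ValueError("truncated information element")
        iei, iedl = header[i], header[i + 1]
        data = header[i + 2:i + 2 + iedl]
        if len(data) != iedl:
            raise ValueError("element length exceeds header")
        if iei == 0x00:
            if iedl != 3:
                raise ValueError("bad concatenation element")
            concat = tuple(data)
        i += 2 + iedl
    if concat is None:
        raise ValueError("no concatenation element")
    ref, total, seq = concat
    if not 1 <= seq <= total:
        raise ValueError("sequence number out of range")
    return ref, total, seq, payload

def reassemble(parts):
    """Join parts only if each sequence number 1..total appears exactly once."""
    slots, key = {}, None
    for raw in parts:
        ref, total, seq, payload = parse_part(raw)
        key = key or (ref, total)
        if (ref, total) != key or seq in slots:
            raise ValueError("inconsistent or duplicate part")
        slots[seq] = payload
    if key is None or len(slots) != key[1]:
        raise ValueError("missing parts")
    return b"".join(slots[n] for n in range(1, key[1] + 1))

# Constructed sample: two parts, reference 0x2A, delivered out of order.
SAMPLE = [bytes([5, 0, 3, 0x2A, 2, 2]) + b"world",
          bytes([5, 0, 3, 0x2A, 2, 1]) + b"hello "]
```

Every rejection path raises before any payload is stored or joined, so a part with an inconsistent header never reaches later processing.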

If a hacker were to send malicious code to an iPhone via text, it could grant them admin privileges, allowing them to find the location of the phone via GPS, make the phone join a DDoS attack or botnet, enable the phone’s microphone to listen in on conversations, and access all the phone’s data.

Apple is working on a patch for the vulnerability, said to be ready by the end of the month, while Mr Miller is scheduled to provide further details of the issue in his presentation at Black Hat USA 2009, a technical security conference which is running from July 25-30 in Las Vegas.

Mr Miller said that a side effect of jailbreaking an iPhone is that it removes about 80% of its security functions, and cautioned that users concerned about security should avoid jailbreaking.

Despite the SMS vulnerability, the stripped-down version of MacOS X used in the iPhone makes it more secure than computers running the full-blown operating system, Mr Miller said.

More by Mitchell Hall

Comments and questions
1

... bugger!
