Apparently you might want to update your Apple software in a hurry, because there’s a flaw that makes it easy for hackers to steal your passwords.

That flaw means they can do the dirty with just a single text message, and whilst Apple have released the relevant update this week many have yet to install it.

Not worried yet? Fortune certainly aren’t mucking around:

“This is very high severity issue,” Craig Williams, senior technical lead and head of global outreach at Cisco. Talos, the networking giant’s threat intelligence division, told Fortune on a call. “The fact that you have an exploit without any user interaction makes me very concerned”…

Here’s how an exploit could work: If an attacker were to send someone a booby-trapped multimedia message (MMS), for example, containing malicious code in a “tagged image file format” (abbreviated as TIFF, a format like JPEG or PNG), then the code would start executing as soon as it was received.

“What makes iMessage insidious is that it cues it,” Williams said, stressing that the hack could also be delivered via other means, such as by email or webpage, as well.

Ultimately, an attack could give a hacker access to portions of a computer’s memory, which could contain sensitive information, such as passwords and login credentials…

Uh, so basically all the good stuff then.

It’s no wonder that more and more businesses (and individuals) are taking hacking seriously these days, speaking to companies like NEWORDER who specialise in hacking and industrial espionage protection.

Update your phone software guys and girls, better safe than sorry.

[source:fortune]