Apple is hard at work to patch a serious vulnerability that could allow a hacker to perform malicious acts unknowingly on the iPhone platform.

The attack, which hasn’t been described in detail, works when the attacker sends the victim an SMS that could cause the phone to run malicious code or programs without the phone operator’s permission.

“The SMS vulnerability allows an attacker to run software code on the phone that is sent by SMS over a mobile operator’s network. The malicious code could include commands to monitor the location of the phone using GPS, turn on the phone’s microphone to eavesdrop on conversations, or make the phone join a distributed denial of service attack or a botnet”

The good news is that the person who discovered the vulnerability, Charlie Miller, has been working with Apple and he will not discuss in detail the vulnerability until Apple has patched the exploit. This is a good step because if this exploit reached those with malicious intent, millions of iPhone users’ phones could be compromised very quickly because of how fast text messages spread.