The hole in the SMS software allows for a remote person to run software code on the iPhone and monitor the location of iPhone using GPS, turn on the phone’s microphone and eavesdrop on conversations. Or even make the iPhone join a denial of sevice attack or botnet. All by sending an SMS over a mobile operator’s network.
Apple hopes to address the vulnerability within the next few days. I hope so too!