This is a fairly gaping hole of gigantic proportion, according to the guys who developed the hack, once you manage to get in you had complete and utter access and control over everything.
According to the site the exploit can be delivered in three ways
1. An attacker controlled wireless access point.
2. A misconfigured forum website
3. A link delivered via e-mail or SMS
The full disclosure of the hack will be presented at BlackHat Las Vegas on August 2 at 4:45
the are offering up a preliminary verson of the Technical paper from their website (link at the bottom)
below shows a video:
Other related posts:
NZ Chief Spymaster announces Cyber attacks compromised government computers...