A few weeks ago Wired ran a story on a vulnerability in the Jeep Cherokee’s on-board control system. Two hackers, Charlie Miller and Chris Valasek, demonstrated how this weakness can be exploited to remotely gain complete control over almost every function of a Jeep.

The result of their work was a hacking technique—what the security industry calls a zero-day exploit—that can target Jeep Cherokees and give the attacker wireless control, via the Internet, to any of thousands of vehicles. Their code is an automaker’s nightmare: software that lets hackers send commands through the Jeep’s entertainment system to its dashboard functions, steering, brakes, and transmission, all from a laptop that may be across the country.

Fortunately for Chrysler, full details of the exploit have not been released and the automaker has released a patch for the vulnerability. The problem for them though is applying the patch to the thousands of cars already sold.

Unfortunately, Chrysler’s patch must be manually implemented via a USB stick or by a dealership mechanic. … That means many—if not most—of the vulnerable Jeeps will likely stay vulnerable.

This is potentially the tip of the iceberg for the auto industry where, as the article states, the modern car is becoming like a smartphone with and internet enabled computer controlling all aspects of the car from entertainment, to navigation and engine control. As with any computing device connected to the internet, managing security is a major issue and one which car manufacturers appear slow to respond.

Via Wired.