Jeep owners have been urged to update the software on their on-board car management systems after hackers disabled a Cherokee model and crashed it into a ditch.
The hack was carried out by two security experts on a Jeep being driven by a Wired journalist – with his full knowledge.
The Fiat Chrysler Automobiles (FCA) car was hacked over the internet via its Uconnect system, resulting in the engine and brakes being disabled. The car then crashed into a ditch.
The UConnect's internet-enabled software allowed security researchers Charlie Miller and Chris Valasek to disable the vehicle.
Uconnect controls a range of functions, including the GPS, windscreen wipers, engine and brakes.
FCA has built many thousands of vehicles with the Uconnect system since late 2013. The system lets owners remote start the engine, flash the headlamps and unlock the doors – by using an app.
Miller and Valasek have previously hacked a Toyota Prius and a Ford Escape. However, the Jeep Cherokee hack is notable because the hackers did not need to make physical contact with the vehicle.
The hackers told FCA about the Uconnect's vulnerability, promoting the car giant to provide Uconnect users with an update on July 16.
Owners must download the update from the FCA website, then install it on the Uconnect system using a USB flash drive.
In a statement the FCA said: “FCA released a software update that offers customers improved vehicle electronic security and communications system enhancements. The Company monitors and tests the information systems of all of its products to identify and eliminate vulnerabilities in the ordinary course of business. Customers can either download and install this particular update themselves or, if preferred, their dealer can complete this one-time update at no cost to customers.”