Apple describes it like this:
A memory corruption issue exists in the decoding of SMS messages. Receiving a maliciously crafted SMS message may lead to an unexpected service interruption or arbitrary code execution. This update addresses the issue through improved error handling.
In plain English, a hacker could basically get root access (super user) by sending a series of text messages that would cause the phone to almost crash, and then the hacker can run programs while the phone is dazed.
Of course I find it ironic that the iPhone is vulnerable to a text messaging attack while it doesn't even support Multimedia Messaging.
If you want a little ranting, when I went to update the iPhone (which Markie never synchronizes) it didn't just install a quick security patch, but instead wanted to install around 150MB of updates for Quicktime, Safari, and some kind of My Mobile platform.
The Android update, by comparison, was small and painless. We actually had to go check that it had happened it was so quick and easy.
And, perhaps surprisingly, my Windows Mobile 6 phone wasn't affected at all.