Print this article | E-mail this article | Comment on this article

Vulnerability Found in Windows Mobile

By Ed Oswald, BetaNews

January 31, 2007, 4:46 PM

Flaws within the Windows Mobile operating system could cause phones to crash, security firm Trend Micro said in a pair of advisories. One deals with Internet Explorer, while the other involves the Pictures & Videos application.

In each case, devices running these programs and opening either a specially crafted Web page or JPEG image file could be susceptible to a denial-of-service attack. Microsoft has been alerted to the issue, and the firm will not release details of the flaw.

Versions affected include Windows Mobile 2003 and 5.0. In the case of the Picures & Videos flaw, the device would lock up for approximately 10-15 minutes while it attempts to process the file. No error messages would be given during this period.

The flaw in Internet Explorer would cause a stack overflow, which in turn would cause IE to terminate. The device would become unstable, and would require a reset to begin using IE, and the device, normally.

No patches are currently available for either issue. In the case of the IE advisory, Trend Micro recommends keeping the device updated with the latest firmware, as well as avoiding untrusted or questionable sites.

Virus threats for mobile phones are relatively low, however experts expect this to increase with increased usage of smartphones. The expected risk has prompted several antivirus firms to begin offering mobile versions of their software, and Trend Micro is one of those companies.

Add a Comment (2 Comments)

BetaNews reserves the right to remove any comment at any time for any reason. Please keep your responses appropriate and on topic. Foul language and personal attacks will not be tolerated.