Vulnerability Found in Windows Mobile

Flaws within the Windows Mobile operating system could cause phones to crash, security firm Trend Micro said in a pair of advisories. One deals with Internet Explorer, while the other involves the Pictures & Videos application.

In each case, devices running these programs and opening either a specially crafted Web page or JPEG image file could be susceptible to a denial-of-service attack. Microsoft has been alerted to the issue, and the firm will not release details of the flaw.

Versions affected include Windows Mobile 2003 and 5.0. In the case of the Picures & Videos flaw, the device would lock up for approximately 10-15 minutes while it attempts to process the file. No error messages would be given during this period.

The flaw in Internet Explorer would cause a stack overflow, which in turn would cause IE to terminate. The device would become unstable, and would require a reset to begin using IE, and the device, normally.

No patches are currently available for either issue. In the case of the IE advisory, Trend Micro recommends keeping the device updated with the latest firmware, as well as avoiding untrusted or questionable sites.

Virus threats for mobile phones are relatively low, however experts expect this to increase with increased usage of smartphones. The expected risk has prompted several antivirus firms to begin offering mobile versions of their software, and Trend Micro is one of those companies.