Register a free account

ne nw
Crawlability Inc. Files for SEO Technology Patent
se sw

Go Back   Forum Index > Internet > Security Alerts and vulnerabilities
Reload this Page MMS Exploit Released for Windows Mobile – No Patch Available
The Software Store
Register Members List Social Groups Calendar Search Today's Posts Mark Forums Read FAQ

Security Alerts and vulnerabilities Lets keep abreast on the latest threats by posting those findings here..

Reply
 
Thread Tools Display Modes
  #1  
Old 12-30-2006, 02:06 PM
Symantec's Avatar
Symantec Symantec is offline
Senior Member
  
Join Date: Oct 2006
Posts: 300
MMS Exploit Released for Windows Mobile – No Patch Available
MMS Exploit Released for Windows Mobile – No Patch Available
<p>Collin Mulliner gave an updated version of his presentation at <a href="https://events.congress.ccc.de/congress/2006/Fahrplan/events/1545.en.html">23C3</a> in Berlin titled ‘<a href="http://www.mulliner.org/pocketpc/feed/pocketpcmms_collinmulliner_23c3.pdf">Advanced Attacks Against PocketPC Phones’ </a> (we originally blogged about it in <a href="http://www.symantec.com/enterprise/security_response/weblog/2006/08/remote_code_execution_on_windo.html">August</a>). As I <a href="http://www.symantec.com/enterprise/security_response/weblog/2006/12/more_on_windows_cemobile_5.html">previously</a> mentioned, one of the vulnerabilities he discussed had, to my knowledge, still not been patched. Well Collin confirmed this in his presentation and also released a working <a href="http://www.mulliner.org/pocketpc/feed/pocketpcmmssmilexploit.tar.gz">exploit</a> for the vulnerability to liven things up a little.</p>

<p>So let’s summarize:<br />
• There has been a publicly disclosed vulnerability for over six months now<br />
• There is no patch for this vulnerability <br />
• There is an exploit now out there<br />
• There is no easy way to patch the vulnerable devices due to the lack of auto updates (try explaining what a firmware update is to your parents)</p>

<p><br />
Now what can we do about this? Well, Collin summarizes the following defense points in his presentation:<br />
• WLAN notification flooding denial of service<br />
o Packet filter / firewall on phone</p>

<p>• MMS message based attacks (the SMIL exploit)<br />
o IDS / “AntiVirus” on phone<br />
o Mobile phone service provider based IDS / “AntiVirus”</p>

<p>• General SMS/MMS Service Provider Measures<br />
o Filter binary SMS that carry MMS MNotification.ind</p>

<p>• Install firmware updates when available!!!</p>

<p>These pretty much do summarize the key points, however, Collin also mentions in his presentation, “User only needs to view the message to trigger exploit.” So I would add, only view MMSs from trusted sources.</p>

<p>On that note, Happy New Year everyone! And remember, just because it doesn’t look like a computer doesn’t mean it can’t be owned.</p>

<p></p>

<p></p>

<p><br />
</p>
http://www.symantec.com/enterprise/security_response/weblog/2006/12/mms_exploit_released_for_windo.html
http://www.symantec.com/enterprise/security_response/weblog/2006/12/mms_exploit_released_for_windo.html
Sat, 30 Dec 2006 10:30:00 -0800
Reply With Quote
Sponsored Links

Reply

Bookmarks

« Previous Thread | Next Thread »

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump


All times are GMT -5. The time now is 01:05 AM.

Contact Us - CyberAnswers - Archive - Privacy Statement - Top

234x60
Bulletin Board Custom Version by Mobo
Copyright 2004-2007 Cyberanswers.org All rights reserved