Patch will fix a security hole in the OS's messaging hub that can brick Windows Phones

While no known exploits are currently in the wild, Microsoft Corp.'s (MSFT) smartphone OS du jour, Windows Phone, reportedly has a whopper of a security flaw in its messaging hub application.  The flaw allows a malicious attacker to use malformed messages to not only brick the phone, but to semi-permanently kill the messaging hub, even in a salvage scenario.

Microsoft was pretty proactive on this one, it appears.  Within days of the story hitting the press, it had contacted the hacker/security-expert who discovered the flaw --  Khaled Salameh -- and set to work determining the extent of the problem and diagnosing it.  

Now Mr. Salameh reports via Twitter that Microsoft let him know that they feel they have the problem fully understood and are testing a patch.  By the sound of it, that patch could be just days away from going live.

It's nice to see Microsoft taking such a proactive approach, particularly for an exploit that's not even being actively attacked in the wild yet.  But that's not exactly surprising -- unlike some companies that try to dupe their customers into a false sense of security, Microsoft has been leading the way in terms of pushing hard to respond quickly to threats and be honest in its threat disclosure policy.

Source: Twitter (Khaled Salameh)

"A politician stumbles over himself... Then they pick it out. They edit it. He runs the clip, and then he makes a funny face, and the whole audience has a Pavlovian response." -- Joe Scarborough on John Stewart over Jim Cramer

Latest Blog Posts
T-Mobile Data Problems
Saimin Nidarson - Oct 20, 2016, 10:17 AM

Copyright 2016 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki