backtop


Print

Patch will fix a security hole in the OS's messaging hub that can brick Windows Phones

While no known exploits are currently in the wild, Microsoft Corp.'s (MSFT) smartphone OS du jour, Windows Phone, reportedly has a whopper of a security flaw in its messaging hub application.  The flaw allows a malicious attacker to use malformed messages to not only brick the phone, but to semi-permanently kill the messaging hub, even in a salvage scenario.

Microsoft was pretty proactive on this one, it appears.  Within days of the story hitting the press, it had contacted the hacker/security-expert who discovered the flaw --  Khaled Salameh -- and set to work determining the extent of the problem and diagnosing it.  

Now Mr. Salameh reports via Twitter that Microsoft let him know that they feel they have the problem fully understood and are testing a patch.  By the sound of it, that patch could be just days away from going live.


 
It's nice to see Microsoft taking such a proactive approach, particularly for an exploit that's not even being actively attacked in the wild yet.  But that's not exactly surprising -- unlike some companies that try to dupe their customers into a false sense of security, Microsoft has been leading the way in terms of pushing hard to respond quickly to threats and be honest in its threat disclosure policy.

Source: Twitter (Khaled Salameh)





"Mac OS X is like living in a farmhouse in the country with no locks, and Windows is living in a house with bars on the windows in the bad part of town." -- Charlie Miller






Most Popular ArticlesiSO 11 is Almost Ready:
September 19, 2017, 7:48 AM
Samsung Galaxy S9 – Latest Leaks
September 24, 2017, 6:57 AM
Intel Coffee Lake release date
September 10, 2017, 6:07 AM
We will Get 5G Phones in 2019
September 19, 2017, 6:49 AM
Google Pixel 2XL will reportedly cost less.
September 20, 2017, 6:17 AM

Latest Blog Posts






botimage
Copyright 2017 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki