[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

No Patch for IE on Windows Mobile/CE

To: Securityfocus <bugtraq@xxxxxxxxxxxxxxxxx>
Subject: No Patch for IE on Windows Mobile/CE
From: "LIUDIEYU dot COM" <liudieyu.com@xxxxxxxxx>
Date: Fri, 13 Jul 2007 23:10:59 +0800

When Microsoft patches a security problem in IE, they generally don't
make fix for Windows Mobile. Some security problems, such as address
spoofing and cross-domain scripting etc, they are not naturally
eliminated by lower-level changes ... a different operating system,
another cpu arch, address space layout randomization, non-executable
stack, etc. A patch would be necessary for rectification or the
problem remains.

For pentesters I suggest maybe it's worthwhile to try a little muscle
against IE on mobile devices.

LIU DIE YU
12 JUL 2007

Prev by Date: ActiveWeb Contentserver CMS Multiple Cross Site Scriptings
Next by Date: [Eleytt] 12LIPIEC2007 2007-07-12
Previous by thread: ActiveWeb Contentserver CMS Multiple Cross Site Scriptings
Next by thread: [Eleytt] 12LIPIEC2007 2007-07-12
Index(es):
- Date
- Thread