|
|
 Mobile Windows News |  Podcasts |  Videos | Search | Forums | Site News |
|
ActiveSync still a security loophole despite Microsoft cutting features October 02, 2008 [General] | By Edward J. R. Long time ago it was possible to synchronize Windows Mobile over WiFi (or over the Internet even) with a PC running ActiveSync, but Microsoft has removed this excellent feature due to security reasons. Instead of making it deactivated by default or secure, Microsoft just removed features! However it still does not help with comes to security... Seth Fogie writes: Exploiting Systems Through ActiveSync I wrote a piece for InformIT examining a security loophole created by ActiveSync 4.x through which attackers can launch attacks against vulnerable systems. Due to the way ActiveSync 4.x works in conjunction with RNDIS (Remote Network Driver Interface Spec.), any time a Windows Mobile device is connected to a host PC, it will establish a full TCP/IP connection over which the rest of the syncing process is established. While good for stability, this gives an attacker full network access to the host PC. White Wolf Labs has put together a working demonstration (with video and PoC) of how this hole can be exploited - up to and including establishing a reverse-shell over RNDIS between the PC and a Windows Mobile device. To learn more, visit related article about ActiveSync security problem and a video demonstration about this ActiveSync security issue.  Post your comment (free registration is required to post, but if you register you can edit your posts later)
   |
| ||||||
| Mobile Windows News | Podcasts | Videos | Search | Forums | Site News |
