Microsoft News

Microsoft issues security advisory affecting all versions of Windows, Windows Phone

General News

UK government set to rush through emergency surveillance legislation

General News

UK officials follow US counterparts by banning electronics that have no charge from boarding flights

Microsoft News

Microsoft restores control of seized domains to No-IP

Microsoft News

Microsoft takes down accounts hosted through No-IP in latest malware crackdown

Windows 8 Apps+Games

1Password for Windows gets much needed 4.0 update

Editorials

Using strong passwords and keeping your online self secure

General News

First smartphone 'kill switch' bill in the US passed by… Minnesota

Apps

Secure your passwords and critical information with Enpass Password Manager

General News

Bitly alerts users of widespread account compromises, claims no accounts have been accessed

Apps

John McAfee's Chadder aims to keep your messages private, lands on Windows Phone before iOS

Windows

Microsoft issues security patch for Internet Explorer

Microsoft News

Microsoft issues warning about limited, targeted attack vulnerability in Internet Explorer

How To

Get secure by encrypting your PC with Microsoft BitLocker for Windows 8 Pro

Microsoft News

Microsoft Store giving away $100 credit; simply trade up your Windows XP dinosaur (US and Canada Only)

Microsoft News

Microsoft says it's really time to dump Windows XP thru this clever infograph

Editorials

So, you want to adopt BYOD?

Microsoft News

From a Bill Gates memo to an industry practice: The story of Security Development Lifecycle

Microsoft News

Microsoft to fix Internet Explorer vulnerability along with other system exploits next week

Apps

Kaspersky Safe Browser now available for Windows Phone

21

Windows Phone only smartphone OS immune to Webkit vulnerability

Windows Phone unaffected by new malware

Security firm CrowdStrike has identified a vulnerability that could allow attackers to seize complete control over a smartphone.  The hole could allow an attacker to gain access via Webkit-based browsers, which makes up the bulk of mobile web browsers.  The good news for Windows Phone users is that they are in the clear because Microsoft designed Internet Explorer themselves, opting not to use the Webkit platform.

George Kurtz, CEO of CrowdStrike, has tested this theory and has confirmed that Windows Phone, unlike iOS, Android and Blackberry, is immune to this threat.  Kurtz has not revealed the details of the vulnerability, but will be holding a demonstration tomorrow at a TSA conference.  For the time being, there is little that users can do to protect themselves.  Any fixes must come from the OS developers first, and then get pushed out to consumers.

Source: Zunited

16
loading...
101
loading...
146
loading...
0
loading...

Comments

There are 21 comments. Sign in to comment

Jaja in your face webkit toters

aubreyq says:

Yay for Windows Phone!

selfcreation says:

MS might have allot of * securaty* restriction with the OS but atelase we are safe from does things!!
 
GJ MS..

Ton77 says:

Good to know

blackprince says:

Thanks MSFT you rock.

lippidp says:

This is good news. However, it got me thinking. Almost every month MS patches an IE security vulnerability via Windows Updates. Since IE on WP is much the same, shouldn't we be getting regular IE patches on our phones, too?

goldenpipes says:

I don't think so because on a PC such a security hole would allow the hacker/spyware to seize control of the PC, with WP there is no way to take control of the OS. If I'm not mistaken.

That's a good question once we reach WP8, but for now, it's IE on Windows CE platform which wouldn't be affected by the same vulnerabilities.
That's not to say it doesn't have its own potential issues though.

Neusyn says:

Haha, I win once more against my Android buddies :D Windows Phone is awesome.

sanjlogan says:

U r absolutely right bud.. Cuz I won all the times when my Android buddies tie a bet on my WP

ChrisSsk says:

Apple will probably release an update to all supported iOS devices in a month or 2, Google will also fix Chrome for Android and the ICS browser soon, probably faster than Apple, but the majority of Android phones, that are running 2.2 and 2.3 will never see a fix

awesumjon says:

Good to know.

Solidstate89 says:

Wow. Only now do I finally realize that the stock browser of nearly every Mobile OS is based on Webkit. That's insane.
 
I also wonder if you're an Android user and you use Opera or Firefox as your main browser if you're free from the vulnerability.

jtshorns says:

Mixed feelings on this one. I somehow feel that the only reason there aren't the vulnerabilities in mobile IE is exactly because of how small the market share is. The hackers are focusing on webkit because it pretty much targets everybody.

Or maybe webkit isn't as secure as once thought, butthurt much

Solidstate89 says:

Or it really is just Webkit that's at fault. It's had several major security flaws in the last few months.
 
I've never liked Webkit very much compared to Gecko and this just further cements my belief.