Via: Mobility Site

Symantec Security Response Weblog has posted a note warning that an exploit is in the wild that uses the multimedia messaging service (MMS) as a vector.

They summarize the status on this as:

• There has been a publicly disclosed vulnerability for over six months now.
• There is no patch for this vulnerability. 
• There is an exploit now out there.
• There is no easy way to patch the vulnerable devices due to the lack of auto updates

The key point – for me – in the Symantec article is the lack of an effective distribution method for patches / updates to Windows Mobile devices. I think that’s an area where some third party vendors will start (have already started) to lead the way and will get more attention and sales in the near future.

In terms of the threat level from this vulnerability, I may just not move in the right sort of circles – but I really don’t know anyone who uses MMS, at all. I get the impression most people may have looked at it once, thought it was lame, and never glanced back at it. I know I’ve never looked back at it until just now, and that was only to grab a quick screencap of the lovely ‘Boing’ clipart.

So … are many of you / any of you using MMS at all?  Concerned about MMS vulnerabilities and Windows Mobile patching methods?

Technorati Tags: Windows Mobile security – vulnerabilities – MMS – exploit