<<< Date Index >>>     <<< Thread Index >>>

No Patch for IE on Windows Mobile/CE



When Microsoft patches a security problem in IE, they generally don't
make fix for Windows Mobile. Some security problems, such as address
spoofing and cross-domain scripting etc, they are not naturally
eliminated by lower-level changes ... a different operating system,
another cpu arch, address space layout randomization, non-executable
stack, etc. A patch would be necessary for rectification or the
problem remains.

For pentesters I suggest maybe it's worthwhile to try a little muscle
against IE on mobile devices.

LIU DIE YU
12 JUL 2007