Further Information on the Pocket PC MMS Exploit
F-Secure have done further study on the MMS exploit discovered by Collin Mulliner. The exploit affects most Pocket PC phone edition and Windows Mobile devices that use versions of ArcSoft MMS composer predating August 2006.
Fortunately, most vendors are providing updates that patch the vulnerability, but unfortunately they don't necessarily mention this in their updates. If you are unsure whether your phone vendor is providing the update, we recommend checking the vendors support page and contacting them if they don't have information available.
[ Read more ]