Time for the next installment in my enthralling series on ‘Watching Microsoft Patch Windows CE’ and remember kids:
There are currently no reported security vulnerabilities for Windows CE
In my previous entry on this subject [2] I covered up untilFebruary’s updates for Windows CE 5 (the base to Windows Mobile 5 and6) so I’ll start logically with March’s [3 Below is my commentary foreach of the fixes I feel has a security impact.
• 070310_KB934175 – Numerous bugs in the .NET 2.0 compactframework; some of the exceptions / access violation occur in nativecode.
• 070320_KB933434 – Remote denial of service condition in RNDIS
• 070320_KB933680 – This issue discusses how Internet Explorer willcrash when it receives a certain response for a web server. The updatepatches WININET.DLL – as we all know a crash is a pretty goodindication of something worth investigating which may yield arbitrarycode execution.
