Microsoft has issued its first-ever security update for Windows Phone 7, an expansion of a security advisory for Windows.
issued a first-ever security update for Windows Phone 7.
Back in March,
attackers requested nine valid digital certificates from
Comodo, an entity that issues SSL (Secure Sockets Layer) certificates,
and managed to receive one before the account was shut down. Comodo said it
noted no attempts to use the certificates, which could have been used to
perform phishing attacks, spoof content or perform malicious "man in the
middle" operations against Web browser users.
how one of the certificates affected the login.live.com property owned by
Microsoft, Redmond executives issued a security advisory March 23. At the time,
Microsoft targeted the update at Windows users, but is now expanding beyond
desktop and laptop software to its mobile products: Windows Phone 7, Windows
Mobile 6.x, Zune and Kin.
"An update to
help address this issue is available for all supported releases of Windows and
is beginning to be delivered to Windows Phone 7 customers," reads Microsoft's
security advisory, updated May 3. "Customers will receive an on-device
notification once the update is available for their phone." In order to install
the update, Windows Phone 7 users will need to connect their device to a PC or
can use fraudulent certificates to a number of ends, including redirecting
users to malicious Websites. Once a user is "snagged" on those sites, they
could be manipulated into downloading Trojans or key-loggers, or have arbitrary
code injected into the browser. The domains targeted in the original Comodo
attack-which included Websites owned by Google, Yahoo and Skype-could also be
used by a government attempting surveillance on dissidents.
previously issued two major updates for Windows Phone 7, neither having to deal
with security. In February, the company rolled out a minor infrastructure
update designed to pave the way for future software upgrades. However, a number
of users reported the update stalled their smartphones, kicking off a week of
damage control on Microsoft's part.
In the wake of
that, Microsoft proceeded more cautiously with its larger "NoDo" update, which
included faster application-loading and cut-and-paste functionality. It issued
charts detailing the update status for Windows Phone 7 smartphones in the United States and around the world, the right executives gave the
inevitable mea culpas, and the second go-round seemed to proceed a little more
smoothly-except for some Samsung device owners continuing to report issues.
Microsoft is pouring hundreds of millions of dollars into its smartphone efforts,
it could face an uphill battle in terms of consumer adoption, at least
according to new data from The Nielsen Company.
According to a
recent Nielsen survey, for the period between January and March, some 31
percent of consumers indicated they wanted an Android smartphone as their next
device; Apple's iOS scored 30 percent, and RIM's BlackBerry came in third with
11 percent. Windows Mobile/Windows Phone 7, however, trailed with 6 percent-a
downtick from the 7 percent reported in Nielsen's last survey, which took place
between July and September 2010.
Nicholas Kolakowski is a staff editor at eWEEK, covering Microsoft and other companies in the enterprise space, as well as evolving technology such as tablet PCs. His work has appeared in The Washington Post, Playboy, WebMD, AARP the Magazine, AutoWeek, Washington City Paper, Trader Monthly, and Private Air. He lives in Brooklyn, New York.