Print
Close Window
From: www.itworld.com
Microsoft, Orange to patch smart phone bug
January 16, 2003 —
Microsoft Corp. and mobile phone operator Orange SA are working to patch a security bug that affects the first mobile phone to use Microsoft's Windows Powered Smartphone software, Orange said Thursday.
The SPV phone, launched in October and sold by Orange in several European countries, can run downloadable applications. It was designed to only run certified applications, in order to protect customers against rogue code. However, details on how to disable this security feature have become public, allowing the installation of applications that have not been certified, Orange said in a statement Thursday.
Culprits are SPV users and software developers who were upset with the block on running third-party applications. They came up with a way to undo that protection and posted instructions in online discussion forums on software development for smart phones like the SPV.
Microsoft and Orange have investigated the issue and will provide a security update as soon as possible to solve it, Orange said. Users will be able to download this update through the Orange Update application on their SPV, the Paris mobile operator said.
The procedure to unlock a phone involves manually editing two files on the phone using a PC and the synchronization software, according to one set of instructions found online. Because changes have to be made directly on the phone to be able to bypass the security, Orange said it does not see the issue "as posing any risk to the security" of SPV users.
Orange calls on developers who want to create applications for the SPV to go through the certification process. The company will launch a Web site for SPV developers at the end of February, according to the statement.
The SPV runs Microsoft's Windows Powered Smartphone software and is a mobile phone with PDA (personal digital assistant) features. The software is based on Microsoft's Windows CE 3.0 operating system and includes a Web browser, e-mail and instant messaging clients, an address book and a media player.
ITworld.com