2 stories

Security researcher finds partial vulnerability in Windows Phone, but there’s no need to panic

Security researcher finds partial vulnerability in Windows Phone at an event, but you don't need to panic!

It’s rather a known fact that no operating system out there is completely secure. For that reason, many companies including Microsoft hold bounty events where they reward security researchers and any person who is able to find a vulnerability in their products. In a similar event sponsored by HP, a security researcher was able to find a partial exploit in Windows Phone.

At the annual Mobile Pwn2Own competition in Tokyo, Researcher Nico Joly found a vulnerability in the Lumia 1520 which he got access to via the mobile browser Internet Explorer. However, Joly was not able to gain complete access to the system. “He was successfully able to exfiltrate the cookie database; however, the sandbox held and he was unable to gain full control of the system.”, said HP.

Microsoft has been informed about the vulnerability, and it is likely to push an update to fix the issue. One good thing that comes out of these events is that the company is made aware of all the exploits, and it helps them patch the issue and make their products more sophisticated.


Further reading: , , , , , ,