Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss
Another high-quality bug from MS
1 view
Skip to first unread message
Peter Köhlmann
Dec 13, 2011, 7:09:30 AM12/13/11
to
http://www.winrumors.com/windows-phone-sms-attack-discovered-reboots-device-
and-disables-messaging-hub/
and-disables-messaging-hub/
Chris Ahlstrom
Dec 13, 2011, 7:36:07 AM12/13/11
to
Peter Köhlmann wrote this copyrighted missive and expects royalties:
> http://www.winrumors.com/windows-phone-sms-attack-discovered-reboots-device-and-disables-messaging-hub/
The flaw works simply by sending an SMS to a Windows Phone user.
Windows Phone 7.5 devices will reboot and the messaging hub will not
open despite repeat attempts. We have tested the attack on a range of
Windows Phone devices, including HTC’s TITAN and Samsung’s Focus
Flash. Some devices were running the 7740 version of Windows Phone
7.5, others were on Mango RTM build 7720. The attack is not device
specific and appears to be an issue with the way the Windows Phone
messaging hub handles messages. The bug is also triggered if a user
sends a Facebook chat message or Windows Live Messenger message to a
recipient.
Yikes.
--
You program for Windows every day. You write closed source SW. You then
insult others who do the same. You are a hypocrite. DFS has you down to
a T.
See what I mean about a fraud and a liar? It was only a short time ago
that Liarnut was showing off about his killfiles and how he wondered if
I was still around. LOL. What a fraud.
-- "Hadron", http://www.pcreview.co.uk/forums/thread-3574610-2.php
> http://www.winrumors.com/windows-phone-sms-attack-discovered-reboots-device-and-disables-messaging-hub/
The flaw works simply by sending an SMS to a Windows Phone user.
Windows Phone 7.5 devices will reboot and the messaging hub will not
open despite repeat attempts. We have tested the attack on a range of
Windows Phone devices, including HTC’s TITAN and Samsung’s Focus
Flash. Some devices were running the 7740 version of Windows Phone
7.5, others were on Mango RTM build 7720. The attack is not device
specific and appears to be an issue with the way the Windows Phone
messaging hub handles messages. The bug is also triggered if a user
sends a Facebook chat message or Windows Live Messenger message to a
recipient.
Yikes.
--
You program for Windows every day. You write closed source SW. You then
insult others who do the same. You are a hypocrite. DFS has you down to
a T.
See what I mean about a fraud and a liar? It was only a short time ago
that Liarnut was showing off about his killfiles and how he wondered if
I was still around. LOL. What a fraud.
-- "Hadron", http://www.pcreview.co.uk/forums/thread-3574610-2.php
RonB
Dec 13, 2011, 7:44:15 AM12/13/11
to
On Tue, 13 Dec 2011 07:36:07 -0500, Chris Ahlstrom wrote:
> Peter Köhlmann wrote this copyrighted missive and expects royalties:
>
>> http://www.winrumors.com/windows-phone-sms-attack-discovered-reboots-
device-and-disables-messaging-hub/
>
> The flaw works simply by sending an SMS to a Windows Phone user.
> Windows Phone 7.5 devices will reboot and the messaging hub will not
> open despite repeat attempts. We have tested the attack on a range of
> Windows Phone devices, including HTC’s TITAN and Samsung’s Focus
> Flash. Some devices were running the 7740 version of Windows Phone
> 7.5, others were on Mango RTM build 7720. The attack is not device
> specific and appears to be an issue with the way the Windows Phone
> messaging hub handles messages. The bug is also triggered if a user
> sends a Facebook chat message or Windows Live Messenger message to a
> recipient.
>
> Yikes.
Continuing into the article:
> Peter Köhlmann wrote this copyrighted missive and expects royalties:
>
>> http://www.winrumors.com/windows-phone-sms-attack-discovered-reboots-
device-and-disables-messaging-hub/
>
> The flaw works simply by sending an SMS to a Windows Phone user.
> Windows Phone 7.5 devices will reboot and the messaging hub will not
> open despite repeat attempts. We have tested the attack on a range of
> Windows Phone devices, including HTC’s TITAN and Samsung’s Focus
> Flash. Some devices were running the 7740 version of Windows Phone
> 7.5, others were on Mango RTM build 7720. The attack is not device
> specific and appears to be an issue with the way the Windows Phone
> messaging hub handles messages. The bug is also triggered if a user
> sends a Facebook chat message or Windows Live Messenger message to a
> recipient.
>
> Yikes.
~~
The flaw appears to affect other aspects of the Windows Phone operating
system too. If a user has pinned a friend as a live tile on their device
and the friend posts a particular message on Facebook then the live tile
will update and causes the device to lock up. Thankfully there’s a
workaround for the live tile issue, at initial boot up you have a small
amount of time to get past the lock screen and into the home screen to
remove the pinned live tile before it flips over and locks the device.
~~
Yikes indeed. Who would ever want to use Windows hobbyware?
--
RonB
Registered Linux User #498581
CentOS 5.7 or VectorLinux Deluxe 6.0
or Linux Mint 10
Hardon
Dec 13, 2011, 12:36:07 PM12/13/11
to
On Tue, 13 Dec 2011 13:09:30 +0100, Peter Köhlmann wrote:
> http://www.winrumors.com/windows-phone-sms-attack-discovered-reboots-device-
> and-disables-messaging-hub/
Anyone got Shillton's WP7 phone number? :-)
> http://www.winrumors.com/windows-phone-sms-attack-discovered-reboots-device-
> and-disables-messaging-hub/
Anyone got Shillton's WP7 phone number? :-)
Tom Shelton
Dec 13, 2011, 6:34:51 PM12/13/11
to
Hardon presented the following explanation :
Idiot:
http://www.zdnet.com/blog/hardware/google-updates-android-sms-bug-status-to-critical/10826
http://www.engadget.com/2010/12/31/android-still-has-horrible-text-messaging-bugs-thatll-get-you-f/
http://androidcommunity.com/update-android-sms-bug-now-has-critical-priority-20110101/
At least, when I send a text message on my phone, it actually get's to
the person I sent it to.
--
Tom Shelton
http://www.zdnet.com/blog/hardware/google-updates-android-sms-bug-status-to-critical/10826
http://www.engadget.com/2010/12/31/android-still-has-horrible-text-messaging-bugs-thatll-get-you-f/
http://androidcommunity.com/update-android-sms-bug-now-has-critical-priority-20110101/
At least, when I send a text message on my phone, it actually get's to
the person I sent it to.
--
Tom Shelton
Homer
Dec 13, 2011, 8:47:49 PM12/13/11
to
Verily I say unto thee that Chris Ahlstrom spake thusly:
But then this is /Microsoft/, after all, so should we be surprised?
--
K. | "UNIX is basically a simple operating
http://slated.org | system, but you have to be a genius
Fedora 8 (Werewolf) on šky | to understand the simplicity"
kernel 2.6.31.5, up 204 days | ~ Dennis Ritchie
> Peter Köhlmann wrote this copyrighted missive and expects royalties:
>
>> http://www.winrumors.com/windows-phone-sms-attack-discovered-reboots-device-and-disables-messaging-hub/
>
> The flaw works simply by sending an SMS to a Windows Phone user.
> Windows Phone 7.5 devices will reboot and the messaging hub will
> not open despite repeat attempts. We have tested the attack on a
> range of Windows Phone devices, including HTC’s TITAN and Samsung’s
> Focus Flash. Some devices were running the 7740 version of Windows
> Phone 7.5, others were on Mango RTM build 7720. The attack is not
> device specific and appears to be an issue with the way the Windows
> Phone messaging hub handles messages. The bug is also triggered if
> a user sends a Facebook chat message or Windows Live Messenger
> message to a recipient.
>
> Yikes.
Unlike Android "malware", that ain't no social engineering attack.
>
>> http://www.winrumors.com/windows-phone-sms-attack-discovered-reboots-device-and-disables-messaging-hub/
>
> The flaw works simply by sending an SMS to a Windows Phone user.
> Windows Phone 7.5 devices will reboot and the messaging hub will
> not open despite repeat attempts. We have tested the attack on a
> range of Windows Phone devices, including HTC’s TITAN and Samsung’s
> Focus Flash. Some devices were running the 7740 version of Windows
> Phone 7.5, others were on Mango RTM build 7720. The attack is not
> device specific and appears to be an issue with the way the Windows
> Phone messaging hub handles messages. The bug is also triggered if
> a user sends a Facebook chat message or Windows Live Messenger
> message to a recipient.
>
> Yikes.
But then this is /Microsoft/, after all, so should we be surprised?
--
K. | "UNIX is basically a simple operating
http://slated.org | system, but you have to be a genius
Fedora 8 (Werewolf) on šky | to understand the simplicity"
kernel 2.6.31.5, up 204 days | ~ Dennis Ritchie
Chris Ahlstrom
Dec 14, 2011, 6:16:13 AM12/14/11
to
Homer wrote this copyrighted missive and expects royalties:
> Verily I say unto thee that Chris Ahlstrom spake thusly:
>> Peter Köhlmann wrote this copyrighted missive and expects royalties:
>>
>>> http://www.winrumors.com/windows-phone-sms-attack-discovered-reboots-device-and-disables-messaging-hub/
>>
>> The flaw works simply by sending an SMS to a Windows Phone user.
>> Windows Phone 7.5 devices will reboot and the messaging hub will
>> not open despite repeat attempts. We have tested the attack on a
>> range of Windows Phone devices, including HTC’s TITAN and Samsung’s
>> Focus Flash. Some devices were running the 7740 version of Windows
>> Phone 7.5, others were on Mango RTM build 7720. The attack is not
>> device specific and appears to be an issue with the way the Windows
>> Phone messaging hub handles messages. The bug is also triggered if
>> a user sends a Facebook chat message or Windows Live Messenger
>> message to a recipient.
>>
>> Yikes.
>
> Unlike Android "malware", that ain't no social engineering attack.
>
> But then this is /Microsoft/, after all, so should we be surprised?
I thought that latter-day Microsoft was supposed to be committed to
security, with code-reviews, automated bug-catching, and "managed" code.
Maybe it all slips away when the 10 thousand tornadoes that are
Microsoft development get whirling away and Ballmer is screaming about
delivery dates.....
--
I admire your tenacity in giving Ahlstrom the benefit of the doubt. But
surely now, despite his attempts at the molly cuddling nice guy persona, you
can be in zero doubt that he rarely, if ever, reads the articles from his
master Roy which he jumps into defend like the yipping little lap dog he has
become.
-- "Hadron". Copied from Google Groups.
> Verily I say unto thee that Chris Ahlstrom spake thusly:
>> Peter Köhlmann wrote this copyrighted missive and expects royalties:
>>
>>> http://www.winrumors.com/windows-phone-sms-attack-discovered-reboots-device-and-disables-messaging-hub/
>>
>> The flaw works simply by sending an SMS to a Windows Phone user.
>> Windows Phone 7.5 devices will reboot and the messaging hub will
>> not open despite repeat attempts. We have tested the attack on a
>> range of Windows Phone devices, including HTC’s TITAN and Samsung’s
>> Focus Flash. Some devices were running the 7740 version of Windows
>> Phone 7.5, others were on Mango RTM build 7720. The attack is not
>> device specific and appears to be an issue with the way the Windows
>> Phone messaging hub handles messages. The bug is also triggered if
>> a user sends a Facebook chat message or Windows Live Messenger
>> message to a recipient.
>>
>> Yikes.
>
> Unlike Android "malware", that ain't no social engineering attack.
>
> But then this is /Microsoft/, after all, so should we be surprised?
security, with code-reviews, automated bug-catching, and "managed" code.
Maybe it all slips away when the 10 thousand tornadoes that are
Microsoft development get whirling away and Ballmer is screaming about
delivery dates.....
--
I admire your tenacity in giving Ahlstrom the benefit of the doubt. But
surely now, despite his attempts at the molly cuddling nice guy persona, you
can be in zero doubt that he rarely, if ever, reads the articles from his
master Roy which he jumps into defend like the yipping little lap dog he has
become.
-- "Hadron". Copied from Google Groups.
Homer
Dec 14, 2011, 12:56:05 PM12/14/11
to
Verily I say unto thee that Chris Ahlstrom spake thusly:
> Homer wrote this copyrighted missive and expects royalties:
>>
> Homer wrote this copyrighted missive and expects royalties:
>>
>> Unlike Android "malware", that ain't no social engineering attack.
>>
>> But then this is /Microsoft/, after all, so should we be surprised?
>
> I thought that latter-day Microsoft was supposed to be committed to
> security, with code-reviews, automated bug-catching, and "managed"
> code.
>
> Maybe it all slips away when the 10 thousand tornadoes that are
> Microsoft development get whirling away and Ballmer is screaming about
> delivery dates.....
There's that, and the hideous over-engineering of "feechures",
>>
>> But then this is /Microsoft/, after all, so should we be surprised?
>
> I thought that latter-day Microsoft was supposed to be committed to
> security, with code-reviews, automated bug-catching, and "managed"
> code.
>
> Maybe it all slips away when the 10 thousand tornadoes that are
> Microsoft development get whirling away and Ballmer is screaming about
> delivery dates.....
Microsoft's tendency to organise code like a plate of spaghetti,
the duct-taping together of disparate components from outsourced
or assimilated technology, and the fact that the average Microsoft
Certified Sandwich Engineer has the IQ of a turnip.
But I'm sure Sweaty stalking them with a grease-gun is also unnerving
enough to make them click on the wrong button.
--
K. | "UNIX is basically a simple operating
http://slated.org | system, but you have to be a genius
Fedora 8 (Werewolf) on šky | to understand the simplicity"
0 new messages