Windows Mobile MMS virus discovered

A leading mobile security researcher has unveiled a new proof-of-concept exploit targeting an unpatched Windows Mobile vulnerability that has been publicly disclosed for over six months, SC Magazine UK reports.
Researcher Collin Mulliner’s proof-of-concept code takes advantage of a flaw in the Synchronized Multimedia Integration Language (SMIL) in MMS messages, which is vulnerable to buffer overflows. According to Mulliner, the user only needs to view the MMS message to trigger the exploit he developed.
Mulliner tested his exploit on the IPAQ 6315 and i-mate PDA2k, and researchers believe that all Pocket PC 2003 and Microsoft Windows Smartphone 2003 devices could be susceptible to the same type of attack.
Other security experts said the risk from this particular PoC code is likely limited. Nevertheless, they encouraged users to update their firmware regularly to ensure their devices are patched.