The problem with Windows CE, according to Gostev, is the lack of resource protection. A malicious program can gain full access to numerous operating system functions, such as receiving and transmitting files, or phone and multimedia functions. Furthermore, creating Windows CE applications is "extremely easy" using relatively inexpensive tools. Gostev expects .NET to be the most popular environment for developing malicious code.
Although only four virus families targeting Windows CE are currently known, Gostev contends they represent "all the most dangerous types of malicious program," including classic file viruses, email worms, backdoors, and worms that can move from a handset to a desktop PC once connected to it.
Gostev claims that a number of serious vulnerabilities in Windows CE have been detected in the last several months. Vulnerabilities in ActiveSync and MMS/SMS could lead to denial of service (DoS) attacks, he suggests. Other threats lurk, in the form of potential vulnerabilities in Internet Explorer for Windows CE, and in programs for changing file formats.
"There's no doubt that these vulnerabilities exist," writes Gostev. "The question is only who will detect them first -- a virus writer, or a white hat security researcher."
The full 2-part report, "Mobile Malware Evolution: An Overview," is available from Kaspersky's VirusList website. Part 1 is
here, and Part 2 is
here.
The report also notes vulnerabilities in Symbian OS, which currently holds the largest smartphone marketshare.
Related stories:
