Microsoft browser vulnerabilities and the police - flaskdata

Microsoft browser vulnerabilities and the police

admin

January 28, 2009

The Polish Police did an IT modernization project in 2008 for installing mobile terminals in police cars. The software in the mobile terminal uses Microsoft IE.

Since the mobile terminals use Microsoft IE – it should be possible to attack the mobile terminal using one of the known IE software vulnerabilities

You could attack one of these terminals, execute code, steal information, follow police cars around – and steal data – the opportunities are endless. For example – this one enables remote code exection – Vulnerability in Internet Explorer that can allow remote code Execution.

From a press release on Sygnity Poland Web site (the IT integrator that did the project)

At the beginning of the year 2008 yet another project implemented by the Sygnity Group for the Polish Police Headquarters in Warsaw was finalised. According to the agreement, the police officers were equipped with the new mobile terminals. The implementation of the project is part of a process the aim of which is a general modernisation of the police.

A mobile terminal is a computer equipped with a web browser, using the GPRS/EDGE technology for data transfer. The software of the device meets the Microsoft Windows standards.

An undeniable advantage of mobile terminals is that they enable the officers a direct access to the National Police Information System (NPIS), which in practice means a fast verification of personal details of the detainees or their vehicles. The use of mobile terminals leads therefore to the increase of the officers’ prestige, and ensures a higher standard and quality of their actions.

This is an opportunity for hackers – if you exploit the browser in the mobile terminal you can gain access to the National Police Information System (NPIS), which in practice means a fast way to steal personal details of the detainees and their vehicles.

More Articles

Risk assessment

CLINICAL TRIAL READINESS ASSESSMENT

December 2, 2022 No Comments

Are you really ready to run a clinical trial? How can you best assess your clinical trial readiness? We work with C-level executives and management

clinical data from patients

Assuring protocol compliance without checklists

November 29, 2022 No Comments

At a site monitoring visit, the CRA works on assuring protocol compliance. Assuring protocol compliance is one of the 3 pillars of GCP: The 3

Decentralized clinical trials

Home alone and in a clinical trial

November 27, 2022 No Comments

1 in 7 American adults live alone COVID and social isolation is part of our lives. During COVID, it became easier to recruit patients for

drug counterfeiting

Preventing drug counterfeiting

October 24, 2022 No Comments

Counterfeiting is old as money itself. Drug counterfeiting is no exception. In this post, we’ll share an analytical approach that you can use to estimate

clinical trial risks

What risks really count for your clinical trials?

October 23, 2022 No Comments

Is there a “black-box” risk management solution for your clinical trial? What clinical trial risks are the most important for you and your company? Risk

growth stage

Dealing with information junkies in decentralized clinical trials

October 18, 2022 No Comments

DecentraIized clinical trials software vendor Medable is doing an outstanding job in understanding and executing an online work-flow between sites and patients at home.. This understanding and

Clinical data made radically simple and affordable.

Contact

Resources

Flask Open API for clinical data

Copyright © 2022 Flask Data Ltd. All Rights Reserved.

Privacy Policy | Terms of Use