Microsoft claims that the Windows Mobile operating system is secure enough for the enterprise. That’s not quite true, since unlike Windows XP, handhelds don’t have advanced security architecture. For example, Pocket PC has no Kerberos authentication, Encrypting Filesystem, or a built-in firewall. In fact, even the much-touted Mobile2Mobile “secure” signing process for .DLLs and .exes can be bypassed with a simple buffer overflow, thus potentially allowing malware to take over your device**.
Read more…