Microsoft has confirmed to WinRumors that the company will push a Windows Phone 7 security update via its Zune software.
The software giant has been working on a patch to block several fake SSL certificates that may affect Windows Phone 7 owners. The company originally warned of nine fraudulent digital certificates in late March. Certification authority Comodo issued the certificates in what the company described as a “politically motivated” attack. The certificates have been revoked by Comodo and Microsoft has issued an update for all supported desktop versions of Windows to help address the issue. Microsoft says the certificates may be used to spoof content, perform phishing attacks, or perform man-in-the-middle attacks against all Web browser users including users of Internet Explorer.
Microsoft is currently working on a Windows Phone 7 update to address the issue on its latest range of smartphones. Bruce Cowper, Group Manager of Microsoft’s Trustworthy Computing, confirmed to WinRumors that the company is working with mobile carriers to plan its distribution methods. “The Windows Phone team is actively working with mobile partners to develop and distribute a mitigation update,” said Cowper in an email statement to WinRumors. “Microsoft can confirm that customer notification of the update will occur via OTA and delivery of the update will occur via the Zune client,” he added.
Microsoft could not confirm the exact date of delivery but said they will “provide status updates and additional guidance as soon as it becomes available.” The update is rumored to be pushed on May 3.