Microsoft browser vulnerabilities and the police


Flask Data provides a one-stop cloud subscription for EDC, data management and statistics.

The Polish Police did an IT modernization project in 2008 for installing mobile terminals in police cars. The software in the mobile terminal uses Microsoft IE.

Since the mobile terminals use Microsoft IE – it should be possible to attack the mobile terminal using one of the known IE software vulnerabilities

You could attack one of these terminals, execute code, steal information, follow police cars around – and steal data – the opportunities are endless.  For example – this one enables remote code exection –  Vulnerability in Internet Explorer that  can allow remote code Execution.

From  a press release on Sygnity Poland Web site (the IT integrator that did the project)

At the beginning of the year 2008 yet another project implemented by the Sygnity Group for the Polish Police Headquarters in Warsaw was finalised. According to the agreement, the police officers were equipped with the new mobile terminals. The implementation of the project is part of a process the aim of which is a general modernisation of the police.

A mobile terminal is a computer equipped with a web browser, using the GPRS/EDGE technology for data transfer. The software of the device meets the Microsoft Windows standards.

An undeniable advantage of mobile terminals is that they enable the officers a direct access to the National Police Information System (NPIS), which in practice means a fast verification of personal details of the detainees or their vehicles.  The use of mobile terminals leads therefore to the increase of the officers’ prestige, and ensures a higher standard and quality of their actions.

This is an opportunity for hackers – if you exploit the browser in the mobile terminal you can gain access to the National Police Information System (NPIS), which in practice means a fast way to steal personal details of the detainees and their vehicles.

Related Posts Plugin for WordPress, Blogger...

Flask Data is a technology company with a strong people focus. We are a diverse group of computer scientists and clinical operations specialists based in Israel, the US and India. We are accomplished at providing our customers with the most effective way to achieve high quality clinical data and assure patient safety. There is no single solution that works for every clinical trial. We work hard to understand your unique situation. We work with your team to develop the best solution to achieve high quality clinical data and assure patient safety the same day you engage with patients.

Flask Data – same data data and safety solutions for clinical trials.

Contact us to learn more

Tell your friends and colleagues about us. Thanks!
Share this

Leave a Reply