Notice: This website is an unofficial Microsoft Knowledge Base (hereinafter KB) archive and is intended to provide a reliable access to deleted content from Microsoft KB. All KB articles are owned by Microsoft Corporation. Read full disclaimer for more details.
An update that introduces the MTP Responder component for Windows Embedded CE 6.0 R3 is available
Introduction
An update that introduces the Media Transfer Protocol (MTP) Responder component for Windows Embedded CE 6.0 R3 is available. This component does not support media synchronization. However, it provides basic MTP functionality for devices. This enables the devices to be compatible with the Device Stage feature in Windows 7.When the device connects to a computer that is running Windows 7 through USB or TCP/IP, the MTP Responder component improves the user experience. The MTP Responder component includes storage for MTP files and folders on a Windows Embedded CE 6.0 R3-based device. This enables the user to browse and manage files on the device in addition to transferring files between the device and the computer.
By using an MTP extension, the user can change and extend the MTP Responder component to support additional commands, operations, properties, and object formats. These additions are not included with the MTP specification.
Software update information
The following file is available for download from the Microsoft Download Center:
Download the MTP Responder package now.For more information about how to download Microsoft support files, click the following article number to view the article in the Microsoft Knowledge Base:
119591 How to obtain Microsoft support files from online services
Microsoft scanned this file for viruses. Microsoft used the most current virus-detection software that was available on the date that the file was posted. The file is stored on security-enhanced servers that help prevent any unauthorized changes to the file.Prerequisites
This update is supported only if all previously issued updates for this product have also been installed.Restart requirement
After you apply this update, you must perform a clean build of the whole platform. To do this, use one of the following methods:- On the Build menu, click Clean, and then click Build Platform.
- On the Build menu, click Rebuild Platform.
Update replacement information
This update does not replace any other updates.File information
The English version of this software update package has the file attributes (or later file attributes) that are listed in the following table. The dates and times for these files are listed in Coordinated Universal Time (UTC). When you view the file information, it is converted to local time. To find the difference between UTC and local time, use the Time Zone tab in the Date and Time item in Control Panel.| File name | File size | Date | Time |
|---|---|---|---|
| Wincepb60-091231-kb978465-armv4i.msi | 65,155,072 | 21-Jan-2010 | 01:17 |
| Wincepb60-091231-kb978465-mipsii.msi | 64,779,776 | 21-Jan-2010 | 01:31 |
| Wincepb60-091231-kb978465-mipsii_fp.msi | 64,787,456 | 21-Jan-2010 | 01:32 |
| Wincepb60-091231-kb978465-mipsiv.msi | 64,878,592 | 21-Jan-2010 | 01:35 |
| Wincepb60-091231-kb978465-sh4.msi | 64,534,016 | 21-Jan-2010 | 01:33 |
| Wincepb60-091231-kb978465-x86.msi | 64,012,288 | 21-Jan-2010 | 01:33 |
Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section.
The update adds the following registry keys in Windows Embedded CE 6.0 R3:
Note A closed box solution does not allow third-party applications or modules to be loaded on the system.
For more information about software update terminology, click the following article number to view the article in the Microsoft Knowledge Base:
- HKEY_LOCAL_MACHINE\Software\Microsoft\MTP\Responder
- HKEY_LOCAL_MACHINE\Drivers\USB\FunctionDrivers\MTPUSBFn
- HKEY_LOCAL_MACHINE\Software\Microsoft\MTP\Responder\Metadata\<Locale ID>
- HKEY_LOCAL_MACHINE\Software\Microsoft\MTP\ObjectStore
Information disclosure threat
Users should be warned not to store Personally Identifiable Information (PII) on their device. An attacker may use the IP network to copy the information from the device without the user’s acknowledgement. To help protect device users, we recommend that you include a warning in the user documentation stating that users should not store PII on a device.Spoofing threat
There is no trust relationship between a device that works as an MTP Responder and the MTP Initiator that is connected to this device. This could lead to a spoofing attack on the device. For example, an MTP Initiator could identify itself as a common default name for a home network, such as 'linksys'. Meanwhile, the network can be used to obtain sensitive data from the device. The network can also be taken over to start a denial of service attack on another computer. To help reduce this risk, we recommend that you include a warning in the user documentation that resembles the following statement:Closed box assumption
If you ship a closed box solution for a device that uses MTP, MTP initiators can still copy data on and off the device. In order to help reduce the security risk of copying malware to the device, you should implement code signing. Code signing makes sure that only trusted code runs on the device. For more information about code signing, visit the following Microsoft Developer Network (MSDN) Web site:Note A closed box solution does not allow third-party applications or modules to be loaded on the system.
MTP over IP
By default, MTP over IP is enabled. This means that MTP Initiators can connect to a device that uses MTP. However, this makes MTP over IP sessions vulnerable to security threats such as spoofing, information disclosure, and denial of service. To help prevent these security threats, we recommend that you create a mechanism that lets the user accept each MTP over IP session. Or, you can create a mechanism that lets the user keep IP connections off until the user wants to connect. For more information about the MTP Device Services Extension specification, download the file from the following Microsoft Web site:For more information about software update terminology, click the following article number to view the article in the Microsoft Knowledge Base:
824684 Description of the standard terminology that is used to describe Microsoft software updates
Keywords: kb, kbsurveynew, atdownload, kbexpertiseinter, kbnotautohotfix