[schettj]

So, just to recap in case you didn't understand it...

When you connect any device it creates a local network between itself and the PC - so it's now "inside" the corporate firewall, talking to exactly 1 PC (yours) as if it were a peer node on the local network.

So, then, you run something like ICS on the winmo, and you connect to it, and then you can start probing the one PC its connected to to find something on the PC you can exploit via a network connection.

Most/many firewalls will by default firewall the RNDIS adapter, so if you're running one of those this assault dies there. Also, this assumes the PC is logged in with AS running and USB connection enabled. I'm reasonably sure if you're not LOGGED IN, there is 0 risk as well.

Frankly, if MR BAD HACKER is roaming my hallways looking to jack into a locked PC to see if its running activesync, I have MUCH BIGGER security issues*

* simple example. MR BAD walks in, finds a conference room with an open ethernet port, and drops in a wifi access point. If he's good, he drops about 15 of these around with ssid like "Corporate Trial Do not Use" "Testing" "Accounting" etc... with WPA enabled.

Then he goes outside, fires up his laptop, and has at the corporate network as a first class node.

But indeed, you should BE AFRAID and most importantly SEND MONEY TO SOMEONE TO FIX THIS!!!

Sheesh.