An update that introduces the MTP Responder component for Windows Embedded CE 6.0 R3 is available

Article translations Article translations
Article ID: 978465 - View products that this article applies to.
Expand all | Collapse all

On This Page

Introduction

An update that introduces the Media Transfer Protocol (MTP) Responder component for Windows Embedded CE 6.0 R3 is available. This component does not support media synchronization. However, it provides basic MTP functionality for devices. This enables the devices to be compatible with the Device Stage feature in Windows 7.

When the device connects to a computer that is running Windows 7 through USB or TCP/IP, the MTP Responder component improves the user experience. The MTP Responder component includes storage for MTP files and folders on a Windows Embedded CE 6.0 R3-based device. This enables the user to browse and manage files on the device in addition to transferring files between the device and the computer.

By using an MTP extension, the user can change and extend the MTP Responder component to support additional commands, operations, properties, and object formats. These additions are not included with the MTP specification.

More information

Software update information

The following file is available for download from the Microsoft Download Center:
Collapse this imageExpand this image
Download
Download the MTP Responder package now.

For more information about how to download Microsoft support files, click the following article number to view the article in the Microsoft Knowledge Base:
119591 How to obtain Microsoft support files from online services
Microsoft scanned this file for viruses. Microsoft used the most current virus-detection software that was available on the date that the file was posted. The file is stored on security-enhanced servers that help prevent any unauthorized changes to the file.

Prerequisites

This update is supported only if all previously issued updates for this product have also been installed.

Restart requirement

After you apply this update, you must perform a clean build of the whole platform. To do this, use one of the following methods:
  • On the Build menu, click Clean, and then click Build Platform.
  • On the Build menu, click Rebuild Platform.
You do not have to restart the computer after you apply this software update.

Update replacement information

This update does not replace any other updates.

File information

The English version of this software update package has the file attributes (or later file attributes) that are listed in the following table. The dates and times for these files are listed in Coordinated Universal Time (UTC). When you view the file information, it is converted to local time. To find the difference between UTC and local time, use the Time Zone tab in the Date and Time item in Control Panel.
Collapse this tableExpand this table
File nameFile sizeDateTime
Wincepb60-091231-kb978465-armv4i.msi65,155,07221-Jan-201001:17
Wincepb60-091231-kb978465-mipsii.msi64,779,77621-Jan-201001:31
Wincepb60-091231-kb978465-mipsii_fp.msi64,787,45621-Jan-201001:32
Wincepb60-091231-kb978465-mipsiv.msi64,878,59221-Jan-201001:35
Wincepb60-091231-kb978465-sh4.msi64,534,01621-Jan-201001:33
Wincepb60-091231-kb978465-x86.msi64,012,28821-Jan-201001:33

Status

Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section.

More information

The update adds the following registry keys in Windows Embedded CE 6.0 R3:
  • HKEY_LOCAL_MACHINE\Software\Microsoft\MTP\Responder
  • HKEY_LOCAL_MACHINE\Drivers\USB\FunctionDrivers\MTPUSBFn
  • HKEY_LOCAL_MACHINE\Software\Microsoft\MTP\Responder\Metadata\<Locale ID>
  • HKEY_LOCAL_MACHINE\Software\Microsoft\MTP\ObjectStore
As an OEM developer, you must understand the following potential security threats when you create devices that use the MTP Responder component. To prevent these threats, check the recommendations at the end of each paragraph.

Information disclosure threat

Users should be warned not to store Personally Identifiable Information (PII) on their device. An attacker may use the IP network to copy the information from the device without the user’s acknowledgement. To help protect device users, we recommend that you include a warning in the user documentation stating that users should not store PII on a device.

Spoofing threat

There is no trust relationship between a device that works as an MTP Responder and the MTP Initiator that is connected to this device. This could lead to a spoofing attack on the device. For example, an MTP Initiator could identify itself as a common default name for a home network, such as 'linksys'. Meanwhile, the network can be used to obtain sensitive data from the device. The network can also be taken over to start a denial of service attack on another computer. To help reduce this risk, we recommend that you include a warning in the user documentation that resembles the following statement:
Make sure that your home network is password protected and only connect your device to public networks that are trusted.

Closed box assumption

If you ship a closed box solution for a device that uses MTP, MTP initiators can still copy data on and off the device. In order to help reduce the security risk of copying malware to the device, you should implement code signing. Code signing makes sure that only trusted code runs on the device. For more information about code signing, visit the following Microsoft Developer Network (MSDN) Web site:
Introduction to Code Signing


Note A closed box solution does not allow third-party applications or modules to be loaded on the system.

MTP over IP

By default, MTP over IP is enabled. This means that MTP Initiators can connect to a device that uses MTP. However, this makes MTP over IP sessions vulnerable to security threats such as spoofing, information disclosure, and denial of service. To help prevent these security threats, we recommend that you create a mechanism that lets the user accept each MTP over IP session. Or, you can create a mechanism that lets the user keep IP connections off until the user wants to connect. For more information about the MTP Device Services Extension specification, download the file from the following Microsoft Web site:
Information about the MTP Device Services Extension specification


For more information about software update terminology, click the following article number to view the article in the Microsoft Knowledge Base:
824684 Description of the standard terminology that is used to describe Microsoft software updates

Properties

Article ID: 978465 - Last Review: June 21, 2014 - Revision: 2.0
Applies to
  • Windows Embedded CE 6.0
Keywords: 
kbexpertiseinter atdownload kbsurveynew KB978465

Give Feedback

 

Contact us for more help

Contact us for more help
Connect with Answer Desk for expert help.
Get more support from smallbusiness.support.microsoft.com