RIM Admits BlackBerry Security Hole, Patch Available

Dennis Faas's picture

Owners of RIM's BlackBerry beware: just because what you're carrying is much smaller than the average PC, don't expect hackers to ignore you. Research in Motion has recently revealed a security hole that could allow an intruder to take control of a BlackBerry device.

In a statement issued late last week, Waterloo-based Research in Motion admitted that they'd discovered a gap that could potentially allow hackers to snag control of servers running the company's BlackBerry system.

If that were to happen, intruders could then send emails throughout the system with infected PDF attachments -- if opened by recipients (imagine a business partner or family member), the sinister attachment could infect the new systems with malicious code, thereby spreading the issue.

Once everyone is infected, an intruder could take control and steal confidential information. Certainly an embarrassing and troubling prospect for any business person. (Source: techtree.com)

Patch Available, but Beware of PDFs!

Thankfully, Research in Motion has issued a patch meant to help solve the problem. The company has described the issue in a special advisory, outlining the vulnerabilities which could potentially "enable a malicious individual to send an email message containing a specially crafted PDF file, which when opened for viewing on a BlackBerry smartphone that is associated with a user account on a BlackBerry Enterprise Server, could cause memory corruption and possibly lead to arbitrary code execution on the computer that hosts the BlackBerry Attachment Service component of that BlackBerry Enterprise Server."

More information on the patch is available by clicking here. (Source: blackberry.com)

Reuters recently weighed in on the security hole, describing it as a serious one BlackBerry users shouldn't hesitate to patch. However, users of the BlackBerry and home/business desktops and laptops should be extremely skeptical of all PDF files, which are becoming a favored target for hackers.

| Tags:
Rate this article: 
No votes yet