Advertisement
Promo

Security threats Toolkit

RIM patches 'critical' BlackBerry PDF flaw

Liam Tung ZDNet Australia

Published: 23 Jul 2008 11:17 BST

  • Email
  • Trackback
  • Clip Link
  • Print friendly
  • Post Comment

RIM has released a patch for a security flaw in BlackBerry Enterprise Server that exposed corporate networks to hackers via maliciously crafted PDF documents.

RIM announced the "highly critical" security advisory two weeks ago, saying that a booby-trapped PDF could exploit a hole in RIM's server software to gain remote access to corporate networks.

The flaw affected the BlackBerry Attachment Service — a function within BlackBerry Enterprise Server that is used to process PDF attachments and make them readable by BlackBerry users on that network.

The flaw did not expose BlackBerry devices to attack, but could expose email servers on the same network as BlackBerry Enterprise Server to attack, Sense of Security's principal consultant, Jason Edelstein, told ZDNet.com.au.

RIM's initial workaround was to prevent the BlackBerry Attachment Service from processing PDF files within the BlackBerry Enterprise Server. The patch is now available from RIM's website.

Credit: RIM issues critical BlackBerry patch from ZDNet Australia

  • Email
  • Trackback
  • Clip Link
  • Print friendlyPrint with EPSON

Did you find this article useful?


In association with HP

Talkback

Post a comment


Full Talkback thread

0 comments

Related Links

More In Security threats


Company/Topic Alerts

Create a new alert from the list below:





Related BlackBerry Resources

Protecting the BlackBerry Device Platform Against Malware

BlackBerry Devices with Bluetooth - Security Overview

BlackBerry Enterprise Server IT Policy

BlackBerry Enterprise Solution - Security Technical Overview

BlackBerry Enterprise Solution and RSA SecurID

CIO's Guide to Mobile Security

See All White Papers

Video icon

Video

Sentry Posts Blog

Authentication risks all too human

Risks to successful online banking identification and authentication using smartcards involve a mixture of human and technological factors, according to the European Network and Information... More

1 comment

Opera censors Chinese content

Opera has updated the Chinese version of its mobile browser to stop users accessing restricted content. Opera Mini was updated on Friday from an international to a Chinese version,... More

2 comments

Symantec website breached

Security company Symantec has said that one of its websites was successfully breached. Romanian security researcher 'Unu' posted details of the breach in a blog post on Monday. Unu... More

Post a comment


Skip Sub Navigation Links to CNET Brand Links

Help

Become part of the ZDNet community.

ALL TOOLKITS

Blogs

Newsletters