Remote Code Exploit Found in Several BES versions
RIM has released an advisory notifying Administrators of a security venerability that may allow and attacker to execute remote code on a BES server. I am going to get straight to the point.
Here is what it takes advantage of:
Vulnerabilities exist in how the BlackBerry MDS Connection Service and the BlackBerry Messaging Agent process PNG and TIFF images for rendering on the BlackBerry smartphone. Successful exploitation of any of these vulnerabilities might allow an attacker to gain access to and execute code on the BlackBerry Enterprise Server
Here is what you need to do:
1. Install the latest security software update or MR on your appropriate version of BES.
Non Affected Software
BlackBerry® Device Software
BlackBerry® Desktop Software
BlackBerry® Internet Service