RIM warns of Blackberry PDF vulnerability
Wirelessly posted (via Bold)
The firm said in a security advisory that multiple vulnerabilities with a Common Vulnerability Scoring System score of 9.3 have been found in the PDF distiller of the Attachment Service.
"These vulnerabilities could enable a malicious individual to send an email containing a specially crafted PDF file which, when opened for viewing on a BlackBerry smartphone, could cause memory corruption and possibly lead to arbitrary code execution on the computer that hosts the BlackBerry Attachment Service," said the advisory.
RIM has issued an interim software update that fixes these issues in the affected versions of the BlackBerry Enterprise Server and BlackBerry Professional Software.
The firm advised users to disable PDF file processing on the server until these patches are rolled out, and said that users should only open attachments from trusted sources.
Graham Cluley, senior technology consultant at security vendor Sophos, said in a blog post that hackers are increasingly exploiting PDFs to deliver malware to unsuspecting business users.
"As PDFs are so widely used and shared in business most people wouldn't think twice about clicking on them, making it imperative that corporations keep their security patches and anti-malware defences up to date," he said.
Last edited by Brett Wyman; 05-27-2009 at 05:24 PM.
Thanks, that's good to know
Thanks for the info, considering I open 90 % if my email from my BB, even though I am sitting in front of my PC..
I do exactly the same thing lol, but this is some interesting news
Originally Posted by bbcrackman
This appears to affect ONLY users runing BES software on their servers.
Originally Posted by Stiefler07
Here's a link with a bit more detail for those interested:
Tags for this Thread