Rim Patches Blackberry Mobil Phone Security Hole

RIM Patches BlackBerry mobil phone Security Hole

 

 

Previously, RIM had updated the BlackBerry mobil phone Unite softwarethat users run on their smart phones to patch the problem on the client side.

 

The fix, which was delivered in several separate updates to BES, addressed a security vulnerability in the PDF distiller component of the BlackBerry mobil phone Attachment Service, which runs on the BES. RIM first disclosed the flaw last week, but the bug gained attention Wednesday when the U.S. Computer Emergency Readiness Team (US-CERT), part of the Department of Homeland Security, posted an alert.

 

Attackers could exploit the vulnerability by getting BlackBerry mobil phone users to open malicious PDF files attached to e-mail messages. Successful exploits would compromise servers running BES, not individual BlackBerry mobil phone devices, RIM said in security advisories first published July 10.

 

A RIM spokeswoman said Friday that the company

 had received no reports of attacks and that updates were now available for BES.

 

Enterprise administrators can update to BES version 4.1 Service Pack 6 (4.1.6) for Microsoft Exchange and IBM Lotus Domino, RIM said in a revised advisory. An update to BES for Novell GroupWise pegged as 4.1.4 also patches the problem.

 

Administrators running editions of BES older then versions 4.1.6, or 4.1.4 for GroupWise, can instead apply one of several interim security updates posted on RIM’s download site.

 

Research in Motion patched a critical bug in its BlackBerry mobil phone Enterprise Server (BES) Friday to stymie hackers hoping to break into company networks by tricking users of the popular smart phone into opening rigged PDFs.

Tagged as: Blackberry, Hole, Mobil, Patches, Phone, Security