Patch issued for BlackBerry PDF bug

Research in Motion Ltd., maker of the popular BlackBerry handset,
on Friday issued a patch to plug a vulnerability in its BlackBerry
Enterprise Server (BES) solution. The vulnerability could allow
hackers to enter into a network via a maliciously crafted PDF file.

The hotfix was distributed via a cluster of updates to BES
systems. It's designed to remedy a bug in the PDF distiller
function of BlackBerry's attachment mechanism, which enables users
to open up documents from the mobile device.

The exploit enabled a remote code execution attack if the user
opened up corrupt Adobe or other PDF-type files.

Research in Motion's advisory proposes that network administrators
working within a Windows enterprise environment update to BES
Version 4.1, Service Pack 6 for Microsoft's Exchange Server.

Using the new patch is much safer than relying on workarounds,
according to one network security expert reacting to the news. For
instance, relying on updating the BlackBerry Unite
software'an application that can be loaded onto the handset
to detect and clean potentially infected files'isn't the most
optimal solution.

"It looks like they [Research in Motion] may have solved the
problem for now by what they did [on Friday] because it's very
tricky to sanitize these files on the client side," said Kevin
Gillis, vice president of product management for IPswitch, a
network monitoring, file transfer and messaging software firm in
Lexington, Mass. "It's much better to do it on the server side so
that the carrier-class scanner is more effective in this case."

Gillis added that the bigger issue now for companies will be
reacting to the downtime that may have been caused by putting a
temporary moratorium on sending PDFs via the handset, as some
enterprises may have done while awaiting the patch.

"You have people sending presentations, graphs and charts all
the time over these phones and while the problem is serious enough
to wipe out the devices' whole memory storage, I think this is a
reminder of why disaster recovery solutions and best practices are
important too," he said.


  • Russia prying into state, local networks

    A Russian state-sponsored advanced persistent threat actor targeting state, local, territorial and tribal government networks exfiltrated data from at least two victims.

  • Marines on patrol (US Marines)

    Using AVs to tell friend from foe

    The Defense Advanced Research Projects Agency is looking for ways autonomous vehicles can make it easier for commanders to detect and track threats among civilians in complex urban environments without escalating tensions.

Stay Connected