Wednesday, July 23, 2008

RIM patches PDF attachment vulnerability


In a proactive move, RIM recently announced that it has patched a vulnerability in its BlackBerry Enterprise Server. After identifying the PDF-parsing-related vulnerability, it took no time to have the hole plugged.

The security hole would have given hackers access to the Enterprise Server by tricking RIM BlackBerry email users into opening a malicious PDF email attachment, potentially leading to a crash of the entire server. Server crashes are nothing new for RIM. Back in September-October 2007, the BlackBerry servers had crashed twice in as many months, leading analysts to question the security and stability of the Enterprise Server.

Since then it had been an uneventful 2008 – till this flaw was spotted. RIM has confirmed that only BlackBerry server versions 4.1.3 and 4.1.5 were affected by this security hole. Enterprise Server version 4.1.6 for Microsoft Exchange and IBM Lotus Domino was apparently not affected by the flaw. The security patches have been issued to BlackBerry Enterprise Server customers.

The statement added that, as of now, there have been no reports of any actual exploits taking advantage of this vulnerability, and since the patch has already been applied, this should not be a big cause of concern.
