BlackBerry Enterprise Server Vulnerable to Security Flaw

by Reads (171)

BlackBerry has issued a “high severity” warning to users of BlackBerry Enterprise Server (BES), cautioning that security vulnerabilities found within the BlackBerry MDS Connection Service and the BlackBerry Messaging Agent could leave users susceptible to malware attacks.

\"BlackBerryBlackBerry says that the problem lies in the processing and rendering of TIFF images on BlackBerry smartphones.

In the BlackBerry MDS Connection Service, attackers can exploit a loophole in the TIFF image rendering process and gain unauthorized access to code on BES by creating a malicious webpage and convincing users to click on it.

In the BlackBerry Messaging Agent, users are told to look out for suspicious emails or instant messages that could contain embedded, “specially crafted,” malicious TIFF images.

Not all is bad with BlackBerry and the enterprise, though. The company says that it has issued an update to BES, version 5.0.4 MR2, that resolves these vulnerabilities. A temporary security update has also been released that is said to fix the flaws but doesn’t add any other changes within v5.0.4. BlackBerry requests that users download one of these updates to keep themselves secure.

Source: BlackBerry



All content posted on TechnologyGuide is granted to TechnologyGuide with electronic publishing rights in perpetuity, as all content posted on this site becomes a part of the community.