RIM Patch for BES Attachment Service: Security Vulnerability

By Thomas on Jan 15, 2009 with Comments

Filed Under: Misc. News

rim blackberry logo121 RIM Patch for BES Attachment Service: Security Vulnerability

A few days ago RIM put out a patch for a breach in the BES attachment service.  Not to worry BIS users, you are not affected by this issue.  If you are on BES and are using:

  • BlackBerry® Enterprise Server software version 4.1 Service Pack 3 (4.1.3) through 4.1 Service Pack 6 (4.1.6)
  • BlackBerry® Professional Software 4.1 Service Pack 4 (4.1.4)

Visit the link and download the patch!  http://www.blackberry.com/btsc/search.do?cmd=displayKC&docType=kc&externalId=KB17118

Here is exactly the issue with the attachment service:

Multiple security vulnerabilities exist in the PDF distiller of some released versions of the BlackBerry Attachment Service. These vulnerabilities could enable a malicious individual to send an email message containing a specially crafted PDF file, which when opened for viewing on a BlackBerry smartphone, could cause memory corruption and possibly lead to arbitrary code execution on the computer that hosts the BlackBerry Attachment Service.

via BlackBerry Cool


Tags:

About the Author:

blog comments powered by Disqus