RIM issues interim patches for BlackBerry PDF bugs
Thursday, June 4, 2009
Research in Motion (RIM), the maker of the BlackBerry smartphone, has issued a security warning to business users about a PDF vulnerability that could be exploited by hackers.
Last week, RIM issued interim security updates for multiple vulnerabilities in the PDF distiller of some versions of the BlackBerry Attachment Service. The vulnerabilities could allow a hacker to remotely execute code on the computer that hosts the software if a user opens a malicious PDF email attachment. RIM said business IT security pros should remove the PDF file extension from the list of supported file format extensions until the security patches are implemented. It also advised users to open attachments only from trusted sources.
The company said businesses could prevent the spread of malicious PDF files by installing the attachment service on a remote computer with its own remote network.
Security experts said hackers have repeatedly targeted PDF vulnerabilities to deliver malicious code to business users because the file format is so broadly used in the corporate setting.
Although mobile malware has been on the rise, RIM said its BlackBerry Enterprise Solution is the first wireless platform to earn Common Criteria EAL 4+ certification.
