BlackBerry users face security threat
Malicious images sent with an e-mail on the popular mobile device could disable capability to view attachments.
Opening a malicious image sent via an e-mail on the popular mobile devices could disable a user's capability to view attachments, BlackBerry maker Research In Motion said Tuesday.
The problem occurs because of a software flaw in the BlackBerry Enterprise Server, RIM said in a posting on its customer support Web site. An attacker would have to craft a special TIFF, or Tagged Image File Format, to perform the attack, the company said.
A successful attack would disable only the ability to view attachments; other services such as sending and receiving messages, making phone calls, browsing the Internet, and running BlackBerry wireless device applications to access a corporate network would not be impacted, according to RIM.
RIM has developed a fix for the problem. The software upgrade will be made available as soon as testing is complete, the company said.
While waiting for the update, RIM suggests filtering TIFF images or disabling the attachments on BlackBerrys altogether.
The security vulnerability was discussed at a computer security conference in Berlin last week. US-CERT published an advisory on the problem on Friday.