RIM issues security patches for BlackBerry
Interim patches address critical security flaws that could allow a malicious PDF file to cause memory corruption or lead to arbitrary code execution on computers that host the BlackBerry Attachment service.
Research In Motion issued on Monday interim patches to address critical security flaws in BlackBerry software.
The flaws affect BlackBerry Enterprise Server software version 4.1 Service Pack 3 through Service Pack 6. The BlackBerry Professional Software 4.1 Service Pack 4 is also affected, RIM notes in its security advisory.
RIM is asking corporate customers to install an interim patch for the BlackBerry Enterprise Server and an interim patch for the BlackBerry Professional Software.
RIM also advises BlackBerry users to open PDF attachments only from "trusted sources." The company notes in its security advisory:
Multiple security vulnerabilities exist in the PDF distiller of some released versions of the BlackBerry Attachment Service. These vulnerabilities could enable a malicious individual to send an email message containing a specially crafted PDF file, which when opened for viewing on a Blackberry smartphone, could cause memory corruption and possibly lead to arbitrary code execution on the computer that hosts the BlackBerry Attachment service.
Such security flaws will do little to bolster President-elect Barack Obama's hopes for keeping his BlackBerry while in the White House.