Wednesday | 8 October, 2008
Computerworld
RIM warns BlackBerry admins of critical unpatched PDF bug
Company posts workaround instructions for enterprise administrators.
Gregg Keizer 18/07/2008 08:15:00

Computerworld Buyer's Guide - Vendors Matched to this Article
HAL Data Services , Dimension Data
Additional Resources
Executive Guides
Whitepapers
white paper Read up on the latest ideas and technologies from companies that sell hardware, software and services.
Zones
Zone logoZones provide focussed content from Computerworld and leading technology partners.

Newsletter Subscription

Sign up for our Computerworld newsletters!
Computerworld's twice-daily news service keeps you in touch with the latest, most important headlines from Australia and around the world.
Keep up with the latest virtualisation technologies, products, news and features.
A weekly service providing detailed coverage of the latest innovations and developments in the wireless industry.
RSS Feeds

Research in Motion has warned users and corporate administrators of a critical vulnerability in a component of its BlackBerry Enterprise Server that could be used to hack their company's computers.

The US Computer Emergency Readiness Team (US-CERT), part of the Department of Homeland Security, also posted an alert Wednesday after RIM issued two security advisories.

A patch is not available, but RIM said the problem had been "escalated internally to our development team."

A bug in the PDF distiller component of the BlackBerry Attachment Service, which runs on the BlackBerry Enterprise Server (BES), affects how the popular Adobe document format is processed on the server, said RIM in one of the advisories.

The server running BES, not individual BlackBerry devices, is at risk, although an attack would involve a BlackBerry.

Malicious PDFs attached to e-mail messages could "cause arbitrary code to execute on the computer that the BlackBerry Attachment Service runs on," the RIM warning said. "If a BlackBerry smart phone user on a BlackBerry Enterprise Server opens and views the specially crafted PDF file attachment on the BlackBerry smart phone, the arbitrary code execution could compromise the computer."

RIM posted workaround instructions for enterprise administrators that would prevent an attack by blocking PDF processing on a BES system.

A companion RIM security advisory urged BlackBerry users to upgrade to version 1.0 Service Pack 1 (1.0.1) bundle 36 or later of the BlackBerry Unite software.

Computerworld Buyer's Guide - Vendors Matched to this Article
HAL Data Services , Dimension Data
More about BlackBerry, Adobe, Motion, RIM, CERT
Market Place
21 October 2008 Live webinar: Learn how to orchestrate activities between a request management process and HP/Mercury/Quality Centre
New white paper | Improving Sales Productivity: An Opportunity for Sales and IT Leadership | Download now
14 October 2008 Live webinar: Mashing it up with Incident Management
WIN a printing technology upgrade worth $20k* with HP MFPs! >> CLICK HERE TO ENTER.
CRM Webcast: Learn how to find a CRM solution that fits into your existing business environment. View now.
Enter our reader survey today and you could walk away with one of 2 Motorola MOTORAZR2 V9's up for the taking.
Uncover the security challenges faced when defining and implementing security mechanisms within wired and wireless network environments.
Computerworld SOA Summit: Improve your margins and eliminate inefficiencies. Register now | 17th October 2008
Webcast: How to get the best out of your network featuring expert analysts, to view now click here

Computerworld Member Login


 
D-Link Networking Knowledge Centre

D-Link Australia & New Zealand

D-Link is the global leader in connectivity for small, medium and large enterprise business networking. The company is an award-winning designer, developer and manufacturer of networking, broadband, digital electronics, voice and video communication.

To Find out more about D-Link solutions visit www.dlink.com.au

D-Link Networking Knowledge Centre

D-Link Australia & New Zealand

Featured Products

  • GREEN ETHERNET WEBSMART
    DGS-1200 Series Managed Switch
    D-Link has integrated its Eco-friendly Green Ethernet technology into the WebSmart switch family. WebSmart switches also known as the DGS-1200 series are ideal for the small organisations that wants high speed Gigabit connectivity and don't need many major management features.
  • DIGITAL HOME
    DSM-330 HD Media Player
    Leverage your PC power and enjoy fast, smooth, stutter-free video, music and photo playback in a rich, remote-controlled TV interface. The new generation D-Link DivX Connected™ HD media play is now available.
  • NETWORK ATTACHED STORAGE
    DNS-343, 4-Bay NAS Box
    The highly anticipated 4-bay NAS box has just arrived. Following the great success of its brother 2-bay NAS box the DNS-323. This unit is versatile and can be used in the home to share multi-media with the family or even in the office to store and share files.

New Products

Download

Case Studies

Whitepapers

D-Link TV

Watch videos about D-Link products and much more
http://www.dlinktv.com

D-Link Training

Find out more about D-Link products trainings and certification program
http://training.dlink.com.au
Enterprise IT Buyer's Guide
Find Technology Vendors Fast
 
Find vendors by name | Find by category
Sponsored Links