A week in security: RIM has a tough time in the Middle East

BlackBerry devices are almost too secure for certain governments

This week was dominated by the tussle between Research in Motion and several Middle East governments that want access to the encrypted data streams of BlackBerry devices used in the region.

Elsewhere, there were more patches from Microsoft, Apple and Adobe, and a new iPhone jail-break site which has raised security concerns.

News first broke last weekend that the United Arab Emirates was considering banning various BlackBerry services including email, web and BlackBerry Messenger.

Saudi Arabia followed suit and later reports indicated that RIM was in dialogue with the Indian government about a system which could allow authorities to monitor communications on the platform for national security reasons.

Microsoft released an out-of-band security update this week designed to patch a critical flaw in Windows Shell first confirmed by the software firm a fortnight ago.

The vulnerability could allow hackers to exploit the way Windows parses shortcut files, allowing malicious code to be executed when the icon of a specially crafted shortcut is displayed, according to a Microsoft Security Advisory.

It also emerged that Microsoft is to issue at least 14 bulletins in its monthly Patch Tuesday update on 10 August. The company said in an advance notification that it will issue at least eight patches to address critical vulnerabilities and six to address important flaws.

There were more security woes for Adobe after the firm announced that it is to release an out-of-cycle patch next week to fix a critical flaw in its Acrobat and Reader platforms.

The company said in a security advisory that the attack vector is a flaw in TrueType that allows the running of malicious code embedded in a PDF document.

Online security firm VeriSign has launched a new set of resources designed to help smaller firms establish and promote the security of their sites to customers.

The VeriSign SMB Internet Security Clinic offers online firms which typically have fewer resources to spend on security the chance to consult VeriSign experts on how to improve customer trust and increase sales.

Finally this week, security experts raised concerns over a new jail-break site which allows users of Apple's iPhone 4 to bypass the App Store and install third-party software of their own choice.

The procedure poses potential security risks as applications on the repositories are typically not vetted for malware, and Apple has released updates to its OS designed to nullify jail-breaks.

Also, Germany's Office of Information Security said that the flaw used by the JailbreakMe writers to enable drive-by-jailbreaks from the site could allow an attacker to execute code on a targeted iOS device.