All the latest UK technology news, reviews and analysis

RIM posts new BlackBerry security patch

by Shaun Nichols

More from this author

03 Oct 2009

Comment: 1

  • Tweet this
BlackBerry handset
The BlackBerry update fixes a flaw in the handling of security certificates

Research In Motion has issued a security update to address a flaw in its BlackBerry handsets.

The update fixes a flaw in the handling of security certificate issues in the BlackBerry browser application, which could be exploited by an attacker to perform a phishing attack.

Further reading

The vulnerability affects BlackBerry software versions 4.5 to 4.7, and all users with supported BlackBerry software versions are advised to update their software. The flaw does not affect the BlackBerry Server or Desktop software packages.

The flaw lies in the way the browser reports security certificate mismatches. When a mismatch between the certificate issuer and domain is detected, the browser presents a dialogue box warning the user.

Researchers have found, however, that the dialogue boxes do not display null characters on addresses. This could allow an attacker to craft a false certificate with null characters at the end of an otherwise legitimate site, and use it to present the certificate as authentic.

RIM recommends that users install the security fix immediately. Users who do not have the update are being advised to use caution when accepting web certificates, and avoid clicking on any suspicious or unsolicited links.

Do you agree?

Add your comment

How do you do this???/

instructions on installing this would be greatly apreciated?

Posted by: nims 06 Oct 2009

Add your comment
 

Add your comment

We won't publish your address
By submitting a comment you agree to abide by our Terms & Conditions. Your comment will be moderated before publication.
Submit your comment

Latest stories from Communications

Skype for Windows screen shot

Skype for Mac 5.5.0.2340

Related white papers

Related articles

Related jobs

Today's top stories

heartvalentinesday

Top 10 Valentine's Day technology matches made in heaven

Microsoft Windows 8 start screen

Microsoft talks up Windows 8 for ARM hardware

Security enhancements will be added with the Chrome 17 update

Chrome for Android hands on review

Poll

IT priorities for 2012

What is the most important IT priority for your company this year?

99%

0%

1%

0%

0%

Features

V3 and The INQUIRER editor Madeline Bennett

BBC and Sky News show tough love with Twitter policies

V3's Rosalie Marshall

World indulges in a Facebook facts fest as firm prepares to float

facebook-new

Top five most interesting figures from Facebook’s IPO

Khidr headshot

Intel will prove Steve Jobs wrong in the mobile market

More features

Connect with V3.co.uk

Sign up to our daily or weekly newsletters

Case studies and reports

Accurev

Top 5 software development challenges

This paper focuses on a series of best practices and techniques for development teams looking to improve their software development processes

Talend

Rubbish in, rubbish enterprise

Why good data management at all levels is essential in the modern business (video, 6mins)

Technology jobs

JavaScript Developer – central London

JavaScript / HTML5 Developers required to join a hugely...

Embedded Software Engineer – central London

Embedded Engineers with experience of developing consumer...

Network Engineer, Cisco / Linux, Design / Implementation. London - to 55K

...

ASP.NET, C#, VB - SENIOR DEVELOPER, LUTON, BEDFORDSHIRE

ASP.NET, C#, VB - SENIOR DEVELOPER, LUTON, BEDFORDSHIRE...

To send to more than one email address, simply separate each address with a comma.