All the latest UK technology news, reviews and analysis


BlackBerry posts patch for Enterprise Server flaw

20 Feb 2013
Research In Motion logo

BlackBerry has told administrators to patch their BlackBerry Enterprise Server (BES) systems following the discovery of a security vulnerability in the platform.

The company formerly known as Research in Motion said that the flaw, which affects the handling of certain Tiff image files, could leave server systems vulnerable to remote code execution attacks. BlackBerry has given the vulnerability a severity rating of 10.0, it's highest.

According to BlackBerry, the vulnerability exists in the handling of image files in the BlackBerry Messaging Service. When handling image files embedded in instant messages, the component can experience at attack which leaves a server vulnerable to remote code execution operations.

To address the flaw, BlackBerry said that it has issued an update to the BES platform. The company is recommending that all system administrators running the platform update their servers to prevent attack.

The security fix, which was first issued by the company last week, has gained further public attention in recent days, potentially increasing the risk for attacks in the wild. BlackBerry has not received any reports of attacks.

BlackBerry is far from alone in its efforts to patch security vulnerabilities. exactly one week ago, Microsoft posted its monthly security fix, while Oracle has been working to ward off a series of Java vulnerabilities which have triggered calls for users to disable the platform whenever possible.

BlackBerry's release comes as the company is pressing forward with what many pundits believe is among the most important releases in its history. The BlackBerry 10 platform has been cited as a critical point in the company's efforts to reverse its fortunes and regain a foothold in the smartphone market.

 

  • Comment  
  • Tweet  
  • Google plus  
  • Facebook  
  • LinkedIn  
  • Stumble Upon  
Shaun Nichols
About

Shaun Nichols is the US correspondent for V3.co.uk. He has been with the company since 2006, originally joining as a news intern at the site's San Francisco offices.

More on Security
What do you think?
blog comments powered by Disqus
Poll

BYOD vs CYOD vs BYOC poll

Which approach is your firm taking to managing employees' mobile devices?
21%
13%
4%
21%
31%
10%

Popular Threads

Powered by Disqus
Sony Xperia Z2 Tablet powered by Android KitKat 4.4

Sony Xperia Z2 Tablet video

We take a look at the lightweight, waterproof tablet

Updating your subscription status Loading
Newsletters

Get the latest news (daily or weekly) direct to your inbox with V3 newsletters.

newsletter sign-up button
hpv33

Data protection: the key challenges

Deduplication is a foundational technology for efficient backup and recovery

rdc2

iPad makes its mark in the enterprise

The iPad can become a supercharged unified communications endpoint, allowing users to enhance their productivity

Software Development Engineer

Develop: Customise: Configure. Maximise your technical...

Manual Test Analyst /Tester Windows SQL Finance

Manual Test Analyst /Tester Windows SQL Financial Software...

.NET 4.5 Software Engineer C# Visual Studio

.NET 4.5 Software Engineer C# Visual Studio An opportunity...

Senior Project Manager (Software, service, technology, digital

Senior Project Manager (Software, service, technology...
To send to more than one email address, simply separate each address with a comma.