BlackBerry posts patch for Enterprise Server flaw

BlackBerry has told administrators to patch their BlackBerry Enterprise Server (BES) systems following the discovery of a security vulnerability in the platform.

The company formerly known as Research in Motion said that the flaw, which affects the handling of certain Tiff image files, could leave server systems vulnerable to remote code execution attacks. BlackBerry has given the vulnerability a severity rating of 10.0, it's highest.

According to BlackBerry, the vulnerability exists in the handling of image files in the BlackBerry Messaging Service. When handling image files embedded in instant messages, the component can experience at attack which leaves a server vulnerable to remote code execution operations.

To address the flaw, BlackBerry said that it has issued an update to the BES platform. The company is recommending that all system administrators running the platform update their servers to prevent attack.

The security fix, which was first issued by the company last week, has gained further public attention in recent days, potentially increasing the risk for attacks in the wild. BlackBerry has not received any reports of attacks.

BlackBerry is far from alone in its efforts to patch security vulnerabilities. exactly one week ago, Microsoft posted its monthly security fix, while Oracle has been working to ward off a series of Java vulnerabilities which have triggered calls for users to disable the platform whenever possible.

BlackBerry's release comes as the company is pressing forward with what many pundits believe is among the most important releases in its history. The BlackBerry 10 platform has been cited as a critical point in the company's efforts to reverse its fortunes and regain a foothold in the smartphone market.