BlackBerry has pledged to release Heartbleed patches for its iOS and Android apps, designed to protect users from attacks targeting the recently discovered OpenSSL flaw.
BlackBerry confirmed to V3 it is working on fixes for its BlackBerry Messenger (BBM) service running on both Apple and Android devices. It is currently unclear when the fix will arrive, though Reuters reported Scott Totzke, BlackBerry senior vice president, confirmed it would be released by Friday.
Heartbleed, as discussed in the video below, is a recently discovered flaw in the OpenSSL encryption protocol. The flaw was discovered earlier in April by Finnish security researchers. Heartbleed is significant as the flaw means hackers could theoretically use it to siphon critical data from companies using the protocol.
The widespread use of OpenSSL, which runs on web servers hosting 66 percent of the world's websites, puts Heartbleed's potential victim list in the millions.
BlackBerry moved to downplay Heartbleed's significance to the firm's customers, promising the level of sophistication required to mount an attack, coupled with the limited number of affected services means it is unlikely hackers are actively exploiting it.
"BlackBerry customers can rest assured that while we continue to investigate, we have determined that BlackBerry smartphones, BlackBerry Enterprise Server 5 and BlackBerry Enterprise Service 10 are not affected and are fully protected from the OpenSSL issue," the firm said.
"During the investigation it was also determined that to exploit the Heartbleed vulnerability on BBM for iOS and Android, an attacker would also have to execute a ‘man in the middle attack,' which is extremely difficult to execute because of BlackBerry's secure technology infrastructure, making the risk extremely small for customers."
The OpenSSL project has already released an update fixing the flaw. The Industrial Control Systems Computer Emergency Response Team (ICS-CERT) urged businesses to install the Heartbleed update as soon as possible to avoid falling victim to hackers in a threat advisory.
Geoengineering on the sea floor near glaciers would form a new ice shelf to prevent melting
Alterations in capillary blood flow can be caused by body position change
Curiosity rover is in 'normal mode' but not transmitting scientific data back to base
NatWest outage comes a day after Barclays' IT systems shut out customers and staff