Mobile Advisor

RIM patches BlackBerry PDF vulnerability
IT departments should prevent attachment service from processing any PDF files
Brad Reed (Network World) 05/06/2009 04:04:00
Tags: blackberry enterprise server, pdf, research in motion, RIM BlackBerry

Research in Motion (RIM) has issued a new security patch for BlackBerry Enterprise Server to fix vulnerabilities in its PDF distiller program.

The patch was issued on a BlackBerry forum last week and was billed as a fix for any customers that use BlackBerry Enterprise Server (BES) versions 4.1 through 5.0. RIM said that there were "multiple security vulnerabilities" that existed in some versions of the enterprise servers' PDF distiller that were released as part of the BlackBerry Attachment Service.

The vulnerabilities could allow hackers to send users e-mails containing a "specifically crafted PDF file" that could cause memory corruption and "possibly lead to arbitrary code execution" of the computer hosting the attachment service.

While companies take time to test the new patch on their systems, RIM recommends that IT departments prevent the attachment service from processing any PDF files that come through the BES environment (instructions for disabling PDF downloads can be found here).

RIM also says that companies could install the attachment service onto a remote computer and place it in its own remote network segment to stop the spread of malicious PDF files throughout the network.

More about BlackBerry, Motion, RIM
Recommend this article?
Yes0 votes
No0 votes

Comments

Post new comment

The content of this field is kept private and will not be shown publicly.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Allowed HTML tags: <a> <em> <strong> <cite> <code> <ul> <ol> <li> <dl> <dt> <dd>
  • Lines and paragraphs break automatically.

More information about formatting options

Enter the fully qualified URL, eg. http://www.example.com/
Users posting comments agree to the PC World comments policy.
Login or register to link comments to your user profile, or you may also post a comment without being logged in.
Syndicate content Syndicate content Syndicate content Syndicate content Syndicate content Syndicate content
 
Gift Guide
MWave
Discussions on The PC World Forum

Bridge Netgear DG834GV to AP Belkin F5D7230-4

I have the above Belkin and am able to configure it as an access point, but I want ...

Best Multifunction - laser or inkjet?

Hi there We wish to purchase a multifunction colour printer/copier/scanner/fax - ...

Documents Folder in Windows7

I have recently loaded Windows 7 using a clean install after formating my HDD. I ...

Recomendations on a laptop

Hi Looking at buying a laptop in the $1500 to $2000 range. I like the Toshiba ...

HP C309a

I hope someone can help with this. I bought an HP C 309a in September and installed ...
Create new Topic
More from the forum
Samsung

CXO Latest

LED Advisor

Popular Phones & Plans

Powered by WhistleOut

1) Apple iPhone 3GS 16GB35 plans 18%
2) Blackberry Bold 900014 plans 9%
3) Blackberry Curve 85206 plans 12%
4) Apple iPhone 3GS 32GB35 plans 1%
5) Samsung Ultra Touch31 plans 2%
Three iiNet Virgin Mobile Vodafone
« 1 of »
1) Apple mobile phones 17%
2) Blackberry mobile phones 21%
3) Samsung mobile phones 3%
4) Nokia mobile phones 1%
5) LG mobile phones 2%

Compare: Mobiles | Broadband

PC World
 

Colour your world with Samsung

A chance to win with every
Samsung Consumable purchase*