Malicious PDFs can commandeer BlackBerry Servers, RIM warns Attackers can commandeer your BlackBerry servers by attaching maliciously formed PDF files to emails, Research in Motion warned Tuesday. The manufacturer of the smartphone advised users to install an update that patches multiple flaws in the BlackBerry's PDF distiller. The vulnerabilities are present on a variety of servers …
Looking at the RIM advisory, it appears the vulnerability is the Blackberry Enterprise Server (BES) itself sitting inside the enterprise network. Thus the cautionary note about network segmentation at the end...
This is big.
Regards,
Andi Baritchi
CISSP-ISSMP, CISM, CISA, PCI-QSA
To look at an on-screen representation of a piece of paper, you now need an over-bloated slow program with holes the size of the US budget defecit?
I vote to ditch PDF and replace it with "e-paper". The files will be small because they only contain enough to render what would've been on the paper. The program to render will be small because all it does is display the static content contained in the "e-paper" files.
Hell the files could even use a standard description language, like postscript...
It's freezing outside, I'll get me coat
"Blackberries running Microsoft Windows 2003 or 2008?" Really, now, you think a handheld can run a server OS out of Redmond? What's next, iPhones running SQL Server?
Go back and re-read the article. They're talking about the BlackBerry Enterprise Server, a bit of software kit installed on a corporate application server, not the handhelds themselves. It even states that device software is not affected!
Typing this, ironically, on my Crackberry...
"...Blackberries running Microsoft Windows versions 2003 or 2008"
Just to be clear, we are not talking about the Blackberry devices but BES (Blackberry Enterprise Server). A key role of the BES is to provide VPN termination for Blackberry devices via RIM's proprietary protocol (although RIM don't use the term "VPN"). RIM insist that the BES should be placed on the inside of a corporate network, rather than in a DMZ, making it and the Blackberries that connect through it interesting targets for hackers.
The Blackberry Router is a smokescreen as connections from RIM and Blackberry devices are terminated at the BES, not at the Router.
The tech report states that the BlackBerry smartphone software itself is NOT compromised. Only the BlackBerry Enterprise Software or "the computer that hosts the BlackBerry Attachment Service component of that BlackBerry Enterprise Server" can be compromised. Thus this is an admin-only problem, not as the article suggest one that could affect each BlackBerry user.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
