The flaw relates to the way in which the BlackBerry attachment
service handles Tagged Image File Format (TIFF) images.
According to RIM, if a BlackBerry user opened an email
attachment containing a specially configured TIFF file, malicious
code in the file could stop the attachment service working.
No other BlackBerry services would be affected.
As with email accessed on a computer, customers have been urged
not to open any unsolicited or suspicious email attachments through
their BlackBerry. The company has developed a patch for the
vulnerability, and will release this as soon as it has completed
testing.
Until then, RIM suggests that users either disable the
attachment service or exclude TIFF images from processing.
The vulnerability was highlighted at the 22nd Chaos
Communication Congress in Berlin last week, during a presentation
by “FX” of Phenoelit that also raised two other BlackBerry-related
issues.
The first relates to an internal threat that could result in a
denial of service. There is no patch yet available to counter this
flaw – it is currently undergoing testing – but RIM suggests that
customers should ensure that a properly configured firewall is in
place to protect the BlackBerry server and router.
The second flaw could also result in a denial of service, but
would be caused by the downloading of a malicious Java Application
Description (JAD) file. As the name suggests, such a file describes
a Java application, including details such as its icons and platform
requirements, to the BlackBerry handheld.
There is a patch for this vulnerability.
Elsewhere, RIM announced on Friday that it had received a boost
in its bitter patent dispute with patent holding company NTP Inc,
after the US Patents and Trademarks Office (USPTO) issued
preliminary rejections of two of the patent claims under dispute.
To date, the USPTO has rejected seven of the eight claims subject
to litigation, although the re-examination process being carried
out by the agency is still in its earliest stages.
RIM still faces the prospect of a court-imposed ban, preventing
it from selling, or even running, BlackBerry devices in the US.