RIM Patches Blackberry Enterprise Server PDF Vulnerability

Research In Motion (RIM) has notified details of a serious vulnerability in its BlackBerry Attachment Service that could enable hackers seize control over BlackBerry Enterprise Server and execute codes remotely. 

In a security advisory, the BlackBerry maker warned about a vulnerability that tricks users into opening an email with a malformed PDF attachment, opening which could inject malicious codes onto a server carrying the BlackBerry Attachment Service. 

Notifying the gravity of the flaw, the company in its advisory said that when the maliciously crafted PDF file is opened on a BlackBerry handset, it “could cause memory corruption and possibly lead to arbitrary code execution on the computer that hosts the BlackBerry Attachment Service”. 

However, RIM has already issued an interim software update to plug these security holes in the affected iterations of the BlackBerry Professional Software as well as BlackBerry Enterprise Server. 

The company further urged users to disable PDF file processing on the affected servers until the complete security fixes are rolled out, and asserted that they should open email attachments from reliable sources only.  

You can follow ITProPortal.com on Twitter @itproportal.