This site uses cookies. By continuing to browse this site you are agreeing to our use of cookies. Find out more.X

BlackBerry maker fixes PDF flaw that could crash server

Share this article:
The maker of the BlackBerry mobile device has fixed a PDF distiller vulnerability in the BlackBerry Attachment Service, which runs on the BlackBerry Enterprise.

Attackers could exploit the flaw if they are able to trick a user into opening a malicious PDF file attachment as part of an email, BlackBerry has said in an advisory. That could result in a crash of the Enterprise Server, which supports the popular smartphones.

Canada-based Research in Motion (RIM) said on Friday that it fixed the bug in BlackBerry Enterprise Server versions 4.1.3 through 4.1.5.

"There were no customer reports of any actual problems relating to this vulnerability, and RIM has since provided software updates that resolve the issue," RIM said in a statement.

The latest Enterprise Server version, 4.1.6 for Microsoft Exchange and IBM Lotus Domino, was not affected by the vulnerability, RIM said.

There are an estimated 14 million BlackBerry users worldwide.
Share this article:

SC webcasts on demand

This is how to secure data in the cloud


Exclusive video webcast & Q&A sponsored by Vormetric


As enterprises look to take advantage of the cloud, they need to understand the importance of safeguarding their confidential and sensitive data in cloud environments. With the appropriate security safeguards, such as fine-grained access policies, a move to the cloud is as, or more, secure than an on-premise data storage.


View the webcast here to find out more

More in News

Google and Facebook offer free cyber-security tools

Google and Facebook offer free cyber-security tools

Google and Facebook have both launched free open-source cyber-security tools this week, designed to help security professionals spot malware and cyber-attacks.

Mixed results for key Government cyber-initiatives

Mixed results for key Government cyber-initiatives

The Government's Verify scheme to confirm IDs is behind scheuduled uptake, but its CISP threat intelligence sharing scheme is ahead of target.

Hundreds of companies face 2,000 cyber-attacks in EU exercise

Hundreds of companies face 2,000 cyber-attacks in EU ...

The European Network and Information Security Agency (ENISA) conducted a 24-hour cyber-exercise in which more than 200 organisations from 25 EU member states faced virtual cyber-attacks from white hat hackers ...