AOH :: IS1705.HTM

RIM Issues BlackBerry Security Advisory




RIM Issues BlackBerry Security Advisory
RIM Issues BlackBerry Security Advisory



http://www.informationweek.com/news/personal_tech/blackberry/showArticle.jhtml?articleID=213402873 

By Thomas Claburn
InformationWeek
February 10, 2009

Research In Motion (NSDQ: RIMM) (RIM) on Tuesday issued a security 
advisory to those of its BlackBerry customers who are using BlackBerry 
Application Web Loader Version 1.0 and Microsoft (NSDQ: MSFT) Internet 
Explorer.

A vulnerability in the BlackBerry Application Web Loader ActiveX control 
could allow an attacker to execute code remotely or to cause Microsoft 
Internet Explorer to crash, the company said.

"An exploitable buffer overflow exists in the BlackBerry Application Web 
Loader ActiveX control that Internet Explorer uses to install 
applications on BlackBerry devices," RIM explains in its advisory. "When 
a BlackBerry device user browses to a Web site that is designed to 
install the BlackBerry Application Web Loader ActiveX control on 
BlackBerry devices over a USB connection, and clicks 'Yes' to install 
and run the ActiveX control, the ActiveX control introduces the 
vulnerability to the computer."

RIM's warning comes in conjunction with a security advisory issued by 
Microsoft that updates its ActiveX kill bit list to include a kill bit 
to prevent the BlackBerry Application Web Loader ActiveX control from 
being exploited.

[...]


_______________________________________________      
Best Selling Security Books & More!
http://www.shopinfosecnews.org/ 

Site design & layout copyright © 1986-2014 CodeGods