Re: [Fed-Talk] BlackBerry announce virus fixes
Re: [Fed-Talk] BlackBerry announce virus fixes
- Subject: Re: [Fed-Talk] BlackBerry announce virus fixes
- From: "Joel Esler" <email@hidden>
- Date: Tue, 8 Jan 2008 15:00:45 -0500
This article is two years old. Why the repost?
joel
On Jan 8, 2008 9:42 AM, William G. Cerniuk <
email@hidden
> wrote:
Winter sniffles for your BlackBerry?
We know the BES servers are just as vulnerable as any Windows system... a virus took out BES servers all over last year disabling 1000's of BB users for each server taken down (a BB is a hand held mail terminal, not a mail client).
But now we are talking about the internals hand held as well. The Tagged Image Format File (TIFF) interpreter in the BlackBerry has been found to be vulnerable. This translates to a hole in the armor as it leads to a possible remote exploit (web page) and potential exposure of data on the hand held to the attacker. (a heap overflow results in arbitrary code execution in many cases)
Best Regards,
Wm. Cerniuk
Project Manager / Sr. Systems Architect
Veterans Affairs
703.594.7616
Time is Short, and the Water Rises
http://www.cbc.ca/money/story/2006/01/05/blackberry-060105.html
BlackBerry acknowledged that image viruses can also affect its line of hand-held devices.
Until now, BlackBerrys have been considered safe from virus attack. But Waterloo, Ont.-based Research in Motion said a computer security expert has discovered a possible flaw in its system.
RIM said a member of Phenoelit, a group that identifies security weaknesses in computers, has warned that BlackBerry users could be vulnerable to attack if they open a TIFF picture file.
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden
This email sent to email@hidden
--
--Joel Esler
ISC Incident Handler
http://www.joelesler.net
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden