The maker of BlackBerrys warned yesterday that the popular wireless devices are vulnerable to two types of attacks that could prevent users from opening e-mail attachments and disrupt service, as reported today by IDG News Service.
The first vulnerability allows an attacker to use a TIFF image file that can block a BlackBerry user from viewing an attachment, announced Research in Motion, the maker of Blackberries. The U.S. Computer Emergency Readiness Team issued an advisory late last month that cited the vulnerability and referred users to RIM for remediation. RIM says it will fix the security hole in its next release of the BlackBerry Enterprise Server. In the meantime, information on a workaround is available at BlackBerry.com.
The second vulnerability allows a denial of service attack by sending malformed protocol packets. An external attacker can manipulate Domain Name System queries to take advantage of the security hole, RIM said. RIM advises customers to protect the BlackBerry Enterprise Server and BlackBerry Router with a firewall and to create static entries in DNS or hosts tables for the BlackBerry Infrastructure. RIM has said it will eliminate this vulnerability in a future software release.
By Allan Holmes