Research in Motion has issued an advisory on a security vulnerability in BlackBerry smartphones that leaves it susceptible to hackers.
A patch for the BlackBerry Enterprise Server has been released to fix flaws in its PDF distiller program. The vulnerability is a critical one with a Common Vulnerability Scoring System (CVSS) rating of 9.3 out of 10, RIM revealed.
In this scenario, a user could open a malicious PDF attachment on their BlackBerry device, which would see harmful software installed on the server that handles a company’s BlackBerry network. Hackers then have control of the servers to not only send spam but also steal confidential corporate information.
No attacks have been reported yet but security experts warn that the problem must be serious enough for RIM to issue the advisory. As soon as companies publicise security flaws, hackers are known to rush and exploit them because users are slow to react.
“It is a serious problem. You need to read the advisory and implement a fix before the hackers try to take control,” Graham Cluley, a senior researcher with anti-virus software marker Sophos, told Reuters.
Research in Motion suggests that businesses restrict users from opening attachments until they install the patch. For more information, read the advisory on BlackBerry’s website.
