It's been more than two months since Research In Motion (RIM) reported a BlackBerry smartphone or BlackBerry Enterprise Server (BES) security flaw, but the Canadian company has announced a handful of recently discovered vulnerabilities in its BlackBerry 6 handheld OS and BES for IBM Lotus Notes and Microsoft Exchange. BlackBerry Torch 9800 with Padlock.
First, RIM reports that three newly discovered vulnerabilities in the BlackBerry 6 Webkit browser could allow a hacker to access and/or modify data stored within a BlackBerry 6 smartphone's internal storage, as well as on its external media card.
"Successful exploitation of the vulnerabilities requires the BlackBerry smartphone user to browse to a website that the attacker has maliciously designed. A successful attack could result in remote code execution (RCE) on a smartphone running BlackBerry 6. An attacker exploiting these vulnerabilities could read or write to the built-in media storage section of a BlackBerry smartphone or to the media card but could not access user data that the email, calendar, and contact applications store in the application storage (the internal file system that stores application data and user data) of the BlackBerry smartphone."
The flaws affect a number of BlackBerry smartphones running the BlackBerry 6 OS, including the Bold 9650, Bold 9700, Bold 9780, Curve 9300, Pearl 9100, Style 9670, and Torch 9800 handhelds.
RIM recommends updating your BlackBerry 6 smartphone's OS to v188.8.131.522 for the Bold 9650, Curve 9330 smartphone, and Style 9670 smartphones; and to v184.108.40.2066 for the remaining affected devices. However, some wireless carriers have not yet released these software builds, so RIM recommends contacting your carrier and requesting the appropriate software if it's not yet available to you. (Find more details on RIM's security advisory page.)
Secondly, RIM reports a new BES flaw that could affect organisations that employ Microsoft's Office Communications Server (OCS) 2007 R2 and/or the Microsoft Lync Server 2010 BlackBerry IM Client with certain versions of RIM's BES for Lotus Notes and BES for Microsoft Exchange.
"A vulnerability exists in the BlackBerry Collaboration Service component of the affected versions of the BlackBerry Enterprise Server. Successful exploitation of this vulnerability would allow a potentially malicious BlackBerry device user within an organisation to log into the BlackBerry Collaboration Service as another BlackBerry Collaboration Service user within the organisation. This would allow the potentially malicious user to send messages as the legitimate user and receive messages sent to the legitimate user, as well as prevent the legitimate user from accessing the BlackBerry Collaboration Service. This would also allow the potentially malicious user to access the legitimate user's enterprise instant messaging contact list."
To address the issue, RIM released new security updates for BES in the form of a BES 5.0.3 maintenance release 4 (MR4) software update. Both BES updates can be downloaded from RIM's server downloads page.