The company issued an alert on Tuesday for the BlackBerry Enterprise Server and Professional Software packages to address a flaw which could allow an attacker to remotely execute code on a targeted system.
The vulnerability concerns the way the BlackBerry software handles PDF files. An attacker could attach a specially crafted PDF file to an email message, targeting a flaw in the handset's PDF distiller component to create a software crash and possibly allow the remote execution of code.
Research In Motion noted that the fix is not related to an earlier update that addressed a similar flaw in the BlackBerry's PDF software.
Discovery of the vulnerability was credited to iDefense researcher Sean Larsson. The vulnerability is not thought to be actively targeted in the wild.
There have been relatively few instances of mobile malware outbreaks in recent months, but security experts have warned that malware writers could adjust their tactics to target smartphones and mobile handsets as adoption increases.
RIM issues BlackBerry security fix
By Shaun Nichols on Jan 15, 2009 6:39AM