Research in Motion has reported a handful of recently discovered vulnerabilities in its BlackBerry 6 OS -- the one used in BlackBerry devices shipped from summer 2010 to summer 2010 and also installed as an update on a few previous models -- and BES for IBM Lotus Notes and Microsoft Exchange.
First, RIM reports that three newly discovered vulnerabilities in the BlackBerry 6 WebKit browser could allow a hacker to access and/or modify data stored in a BlackBerry 6 smartphone's internal storage, as well as on its external media card.
Successful exploitation of the vulnerabilities requires the BlackBerry smartphone user to browse to a website that the attacker has maliciously designed. A successful attack could result in remote code execution (RCE) on a smartphone running BlackBerry 6. An attacker exploiting these vulnerabilities could read or write to the built-in media storage section of a BlackBerry smartphone or to the media card but could not access user data that the email, calendar, and contact applications store in the application storage (the internal file system that stores application data and user data) of the BlackBerry smartphone.
The flaws affect many models of BlackBerry smartphones running the BlackBerry 6 OS, including the Bold 9650, Bold 9700, Bold 9780, Curve 9300, Pearl 9100, Style 9670, and Torch 9800.
RIM recommends updating your BlackBerry 6 smartphone's OS to v126.96.36.1992 for the Bold 9650, Curve 9330, and Style 9670; and to v188.8.131.526 for the remaining affected devices. However, some wireless carriers have not yet released these software builds, so RIM recommends contacting your carrier and requesting the appropriate software if it's not yet available to you. (Find more details on RIM's security advisory page.)
Second, RIM reports a new BES flaw that could affect organizations that employ Microsoft's Office Communications Server (OCS) 2007 R2 and/or the Microsoft Lync Server 2010 BlackBerry IM Client with certain versions of RIM's BES for Lotus Notes and BES for Microsoft Exchange.
A vulnerability exists in the BlackBerry Collaboration Service component of the affected versions of the BlackBerry Enterprise Server. Successful exploitation of this vulnerability would allow a potentially malicious BlackBerry device user within an organization to log into the BlackBerry Collaboration Service as another BlackBerry Collaboration Service user within the organization. This would allow the potentially malicious user to send messages as the legitimate user and receive messages sent to the legitimate user, as well as prevent the legitimate user from accessing the BlackBerry Collaboration Service. This would also allow the potentially malicious user to access the legitimate user's enterprise instant messaging contact list."
To address the issue, RIM released security updates for BES in the form of a BES 5.0.3 maintenance release 4 (MR4) software update. Both BES updates can be downloaded from RIM's server downloads page. (Find more specifics on this new BES flaw on RIM's security advisory page.)
Al Sacco covers Mobile and Wireless for CIO.com. Follow Al on Twitter @ASacco. Follow everything from CIO.com on Twitter @CIOonline and on Facebook. Email Al at firstname.lastname@example.org Read more about mobile/wireless in CIO's Mobile/Wireless Drilldown.