BlackBerry Fixes Vulnerabilities

Friday, November 15, 2013 @ 04:11 PM gHale


BlackBerry fixed remote code execution and local privilege elevation vulnerabilities in the remote file access feature of BlackBerry Link.

While there is evidence the hole is suffering from any kind of attacks, researchers point out the flaws plague the Peer Manager component of BlackBerry Link for Windows version 1.0.1.12 to 1.2.0.28, and BlackBerry Link for Mac OS version 1.0.1 (build 6) to 1.1.1 (build 35).

RELATED STORIES
Android Fixes Third ‘MasterKey’ Bug
BlackBerry Patches Smartphones, Tablets
Users Don’t Secure Android Devices
Attack Threat Continues to Increase

In its advisory, BlackBerry said there are certain conditions an attacker would have to meet in order for an attack to be successful.

The attacker has to convince a user who has Link installed on his system to click on a link or access a malicious webpage. Another attack vector requires a local attacker to log in to an affected system while the file access feature is running under a different user account.

Hackers could gain access to the data in the Link remote file access folder only under these circumstances.

BlackBerry released a software update to fix these issues.



Leave a Reply

You must be logged in to post a comment.