RIM patches yet another PDF-related BES flaw

That pesky PDF distiller in Research In Motion's (RIM) BlackBerry Enterprise Server (BES) BlackBerry Attachment Service has yet again been identified as a security risk, and RIM has issued another "interim security update" to patch the vulnerability.

This latest BES security flaw is currently ranked 7.8, or "high severity," on a Common Vulnerability Scoring System (CVSS) scale of 0 to 10, with 10 representing the most critical flaws.

From RIM:

The vulnerability could allow a malicious individual to cause buffer overflow errors, which may result in arbitrary code execution on the computer that hosts the BlackBerry Attachment Service. While code execution is possible, an attack is more likely to result in the PDF rendering process terminating before it completes. In the event of such an unexpected process termination, the PDF rendering process will restart automatically but will not resume processing the same PDF file.

Successful exploitation of this issue requires a malicious individual to persuade a BlackBerry smartphone user to open a specially crafted PDF file on a BlackBerry smartphone that is associated with a user account on a BlackBerry Enterprise Server. The PDF file may be attached to an email message, or the BlackBerry smartphone user may retrieve it from a web site using the Get Link menu item on the BlackBerry smartphone.

The following BES versions are affected and should be updated immediately, according to RIM:

* BlackBerry Enterprise Server Express version 5.0.1 and 5.0.2 for Microsoft Exchange

* BlackBerry Enterprise Server Express version 5.0.2 for IBM Lotus Domino

* BlackBerry Enterprise Server versions 4.1.3 through 5.0.2 for Microsoft Exchange and IBM Lotus Domino

* BlackBerry Enterprise Server versions 4.1.3 through 5.0.1 for Novell GroupWise

* BlackBerry Professional Software version 4.1.4 for Microsoft Exchange and IBM Lotus Domino

These PDF-distiller-related BlackBerry Attachment Service vulnerabilities in BES are anything but uncommon at this point. In fact, RIM issued at least four different PDF-distiller-related security updates since the summer of 2008. (Find information on those previous BES security flaws here, here, here and here.)

For a company that prides itself on security, this is really not a good thing. To be fair, no software is 100 per cent foolproof, or secure, and RIM typically notifies its customers of any newly-discovered flaws promptly so they can update accordingly. But I must say, if I was a "malicious person" looking to exploit BlackBerry infrastructure, I would've started targeting this troublesome PDF distiller long ago. These repeated flaws seem to suggest that this latest vulnerability won't likely be the last...

For more on the new BES flaw, check out RIM's associated security advisory. And BlackBerry administrators can update their BES software via RIM's BES downloads page.

Al Sacco covers Mobile and Wireless for CIO.com. Follow Al on Twitter @ASacco. Follow everything from CIO.com on Twitter @CIOonline. Email Al at ASacco@CIO.com.

Tags mobiletelecommunicationresearch in motionpatches

Show Comments