Results 1 to 9 of 9

Via eWeek.com : "Research In Motion has plugged a security hole that left BlackBerry users ... BlackBerry News forum

  1. #1
    MStrawder's Avatar
    MStrawder no está en línea Stack Pro
    Join Date
    Jul 2008
    PIN/ID
    Ask
    Posts
    1,825

    RIM Fixes Security Hole In BlackBerry's

    Advertisement



    Via eWeek.com: "Research In Motion has plugged a security hole that left BlackBerry users open to phishing attacks. The bug lies in the BlackBerry browser dialog box, which provides information about Website domain names and their associated certificates. While the dialog box informs users when there is a mismatch between site domain names and domain names indicated in associated certificates, it does not properly illustrate that the mismatch is due to the presence of some hidden characters in the site domain name."

    In short, prior to the patch, people operating malicious websites could much more easily fool the average user into thinking they were logging into a legitimate site, when in-fact they were logging into a phishing/malware site. The BlackBerry wouldn't know the difference and if the developer were clever enough, neither would you. The vulnerability affects users running OS 4.5 and later.

    Full article from eWeek is available here.
    Last edited by MStrawder; 10-03-2009 at 07:01 PM.
    "Our greatest fear is not that we are inadequate, but that we are powerful beyond measure" ~ Marianne Williamson
    Current OS list by device
    How to upgrade your OS

  2. #2
    MotoUp's Avatar
    MotoUp no está en línea BES Pro
    Join Date
    Nov 2006
    Posts
    3,360
    This isn't a full OS update is it? The updater site won't work for BES users. Have you seen a stand alone download link?

  3. #3
    MStrawder's Avatar
    MStrawder no está en línea Stack Pro
    Join Date
    Jul 2008
    PIN/ID
    Ask
    Posts
    1,825
    Just read another article and it's saying it's a carrier patch, so maybe we'll see it pushed to us.
    "Our greatest fear is not that we are inadequate, but that we are powerful beyond measure" ~ Marianne Williamson
    Current OS list by device
    How to upgrade your OS

  4. #4
    camshafter's Avatar
    camshafter no está en línea Stack level 3
    Join Date
    Feb 2009
    PIN/ID
    ask
    Posts
    341
    yea good questions is this just a patch or full OS update? i like my current OS and not sure i have the ability to change it

  5. #5
    Jaricanese's Avatar
    Jaricanese no está en línea Software Pro
    Join Date
    May 2007
    PIN/ID
    ASK
    Posts
    902
    I doubt it would be a full OS update with so many release variations for each device, a patch would be much simpler.

  6. #6
    MotoUp's Avatar
    MotoUp no está en línea BES Pro
    Join Date
    Nov 2006
    Posts
    3,360
    I checked it from my wife's Storm which is BIS only, and all it does is try and update it to the official 148, which she's already on, so I didn't proceed any further. I figured I'd wait until I had time to look into it a little more.

  7. #7
    Lavagirl's Avatar
    Lavagirl no está en línea PINStacked!
    Join Date
    May 2007
    PIN/ID
    AoleLava
    Posts
    10,877
    Investigation proceeds ^^ if you need assistance, let us know

  8. #8
    MStrawder's Avatar
    MStrawder no está en línea Stack Pro
    Join Date
    Jul 2008
    PIN/ID
    Ask
    Posts
    1,825
    It's going to be a carrier side patch, likely pushed with new service books. It should be seamless.
    "Our greatest fear is not that we are inadequate, but that we are powerful beyond measure" ~ Marianne Williamson
    Current OS list by device
    How to upgrade your OS

  9. #9
    camshafter's Avatar
    camshafter no está en línea Stack level 3
    Join Date
    Feb 2009
    PIN/ID
    ask
    Posts
    341
    any ideas when this might be?

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •