Blackberries Vulnerable to Malicious E-Mail Attacks, Vendor Warns

Blackberry handheld communication devices can be just as vulnerable as desktop and laptop computers to certain malicious e-mail attacks.

One of the largest makers of Blackberry, devices Research in Motion of Waterloo, Ontario, Canada, is warning its customers that their popular handheld devices could lose their ability to view attachments if a certain type of malicious e-mail image is opened on them. In a positing on the customer support web site, the company says a flaw in the design of its Blackberry Enterprise edition makes the device vulnerable to attacks by specially crafted Tagged Image File Format (TIFF) images.

The company said that it has already developed a remedy for the problem and will make the upgrade available to users as soon as it completes testing of it. In the meantime, Research in Motion is warning users to not open any TIFF images in their Blackberry’s attachment services or to disable the attachment services altogether. Disabling the services may be required, the company says, because even though an e-mailed TIFF extension has been removed from the list of supported file types, the service may automatically detect a TIFF file with a renamed extension and attempt to process the file.

The Web site link explains the issue in more detail and provides detailed directions on how to disable the attachment services. The site also features a link to the United States Computer Services Readiness Team’s Web site, where there is additional information on how personal and business users of mobile devices can protect themselves from viruses, worms and identity theft.

While opening a malicious TIFF will kill the Blackberry’s ability to display a view of attachments, the attack does not impact the devices’ other services, such as sending and receiving messages, making phone calls, browsing the Internet, and accessing corporate networks.
~JC

You may like these other stories...

Cybersecurity is no longer the domain of an organization's IT staff. It's moved to the boardroom, and in a big way. Accountants and financial managers may have been thinking it's just the province of the tech...
You probably don't want to think about how many times you access the File menu in Excel 2010 or 2013. Personally I think Excel 2010 has the best possible File menu arrangement, other than having Print Preview grafted...
Following other recent high-profile hacking events, investigators discovered yesterday that hackers broke into the draft work paper files of several famous CPA firms. Revealing images of the scantily clad documents have been...

Already a member? log in here.

Upcoming CPE Webinars

Sep 24
In this jam-packed presentation Excel expert David Ringstrom, CPA will give you a crash-course in creating spreadsheet-based dashboards. A dashboard condenses large amounts of data into a compact space, yet enables the end user to easily drill down into details when warranted.
Sep 30
This webcast will include discussions of important issues in SSARS No. 19 and the current status of proposed changes by the Accounting and Review Services Committee in these statements.
Oct 21
Kristen Rampe will share how to speak and write more effectively by understanding your own and your audience's communication style.
Oct 23
Amber Setter will show the value of leadership assessments as tools for individual and organizational leadership development initiatives.