Blackberries Vulnerable to Malicious E-Mail Attacks, Vendor Warns

Blackberry handheld communication devices can be just as vulnerable as desktop and laptop computers to certain malicious e-mail attacks.

One of the largest makers of Blackberry, devices Research in Motion of Waterloo, Ontario, Canada, is warning its customers that their popular handheld devices could lose their ability to view attachments if a certain type of malicious e-mail image is opened on them. In a positing on the customer support web site, the company says a flaw in the design of its Blackberry Enterprise edition makes the device vulnerable to attacks by specially crafted Tagged Image File Format (TIFF) images.

The company said that it has already developed a remedy for the problem and will make the upgrade available to users as soon as it completes testing of it. In the meantime, Research in Motion is warning users to not open any TIFF images in their Blackberry’s attachment services or to disable the attachment services altogether. Disabling the services may be required, the company says, because even though an e-mailed TIFF extension has been removed from the list of supported file types, the service may automatically detect a TIFF file with a renamed extension and attempt to process the file.

The Web site link explains the issue in more detail and provides detailed directions on how to disable the attachment services. The site also features a link to the United States Computer Services Readiness Team’s Web site, where there is additional information on how personal and business users of mobile devices can protect themselves from viruses, worms and identity theft.

While opening a malicious TIFF will kill the Blackberry’s ability to display a view of attachments, the attack does not impact the devices’ other services, such as sending and receiving messages, making phone calls, browsing the Internet, and accessing corporate networks.
~JC

You may like these other stories...

Whenever I speak to accountants about creating a cloud practice, the most common question is, “How do I charge my clients?” Ten years ago, maybe even five years ago, if I would’ve posed this question...
While reputational risk is the No. 1 nonfinancial concern among corporate directors, cybersecurity/IT risk is gaining steam. In fact, both private companies and organizations with more than $1 billion in revenue felt they...
Accountants who specialize in forensic and valuation services point to electronic data analysis, or big data, as the most pressing issue they’ll face in the coming months, according to results of a new survey released...

Upcoming CPE Webinars

Jul 31
In this session Excel expert David Ringstrom helps beginners get up to speed in Microsoft Excel. However, even experienced Excel users will learn some new tricks, particularly when David discusses under-utilized aspects of Excel.
Aug 5
This webcast will focus on accounting and disclosure policies for various types of consolidations and business combinations.
Aug 20
In this session we'll review best practices for how to generate interest in your firm’s services.
Aug 21
Meet budgets and client expectations using project management skills geared toward the unique challenges faced by CPAs. Kristen Rampe will share how knowing the keys to structuring and executing a successful project can make the difference between success and repeated failures.