Blackberry Security Hole
I’m sure most of you know this already.
However, I have a lot of less technical readers here lately who might not have quite as many subscriptions to security mailing lists as I do, so, I thought I’d post a quick warning. There is a significant security hole in all but the absolute most recent version of Blackberry server, and possibly even there, too. Apparently, if someone sends you a specially crafted TIFF or PNG graphic file and you read it with your Blackberry, the attacker can compromise your Blackberry server. By compromise, I mean download and run executables on it. As in, so long and thanks for all the financial data you might have stored on any Windows-based server. Yeah, it could be that bad, due, in part, to the way Windows handles security and the level of access that the Blackberry server wants to that Windows network. So, all you Blackberry readers out there, including you Mystery Reader, be careful with attachments until your IT staff gets the upgrade done! (And, go ahead, bug them about this. Don’t be put off by their scowls and catcalls and rude hand gestures. Network Geeks love to get these little interruptions in our day!)
