Peaches Posted February 12, 2009 Report Share Posted February 12, 2009 11 February 2009, 10:37 RIM closes critical hole in BlackBerry The BlackBerry manufacturer RIM has released an update for its BlackBerry Application Web Loader for Windows. The update addresses a critical vulnerability in an ActiveX control. An attacker can create a buffer overflow exploit in the ActiveX control which could be triggered when a user visits a malicious site. The control is normally started by the web page to allow additional software for the BlackBerry to be downloaded to the phone, via USB. As an alternative, users can update to the killbit for the ActiveX control, which will disable it. Yesterdays Microsoft updates included a cumulative patch, which set several killbits including those for the ActiveX control from RIM. According to the bulletin from Microsoft, there is also an ActiveX safety problem with the Akamai Download Manager, but there are no details available on that issue. See also: Vulnerability exists in the BlackBerry Application Web Loader ActiveX control, RIM advisory.Update Rollup for ActiveX Kill Bits, Microsoft advisory. (djwm) Heise security: http://www.heise-online.co.uk/security/RIM...y--/news/112623 Also at PC World: http://www.pcworld.com/businesscenter/arti...bug_threat.html Quote Link to post Share on other sites
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.