Thread: Critical security vulnerability in BlackBerry Desktop Software
View Single Post
Old 12-01-2008, 11:54 AM   #5
daphne
BBF Spam Killer Moderator
 
daphne's Avatar
 
Join Date: May 2007
Location: on a sunny beach
Model: Paspt
OS: 10.3.0.90
PIN: X1ZPY34K
Carrier: VZW but not for long
Posts: 9,176
Default
Quote:
Originally Posted by dbltap View Post
Just a question on this.... Per the data above, this was released on Nov 28th. Yet this morning on the download page the version listed is 4.7.0 B50 and a date of Nov 17, 2008. Should we be looking for a version greater than B50? Or was the fix already in B50? It's a 310 meg download and I don't want to do it again if I already have it.
It looks like the vulnerability was known for a few weeks prior to the Secunia advisory of 11-28-08. Most likely RIM and the other companies updated their software prior to the advisory being posted on Secunia. This is a common practice when security vulnerabilities are discovered -- the companies are told so it can be fixed before it's publicized. That way miscreants don't have a chance to use it to attack users before there is a patch.
__________________
Report spam text messages to 7726
#BlackBerry by choice
Offline   Reply With Quote