Quote:
Originally Posted by Joseph4200
I read about this yesterday.
Even though RIM has stated that it only effects the Blackberry's ability to open attachments, Brian kregs from the washington post did some investigating. THe following is quoted from his blog.
Lindner found that by convincing a Blackberry user to click on a special image attachment, that handheld device could be made to pass on malicious code to the Blackberry server, which could then be taken over and used to intercept e-mails or as a staging point for other attacks within the network.
http://blogs.washingtonpost.com/secu...ty_hole_e.html
|
The guy is an uninformed moron of a reporter who cannot seem to grasp the concept that there are more than one vulnerability. In the original blog, he talked about the TIFF vulnerability. In the update, after speaking to FX, he wrote of the PNG vulnerability and stated it was fixed already, although this was seemingly applied to the previously mentioned TIFF vulnerability. The blog/article should have read that there was an exploit for both TIFF and PNG files, the latter being fixed as of SP3 and the former still being an issue. If he could read correctly, he'd notice that RIM has published these findings in B&W, so contacting them for anything more than an ETA on a fix was useless.