BlackBerry Forums Support Community
              

Closed Thread
 
Thread Tools
Old 01-13-2009, 10:10 AM   #1
boma0021
Talking BlackBerry Encyclopedia
 
boma0021's Avatar
 
Join Date: Jan 2005
Location: LE
Model: Pearl
Carrier: T-Mobile
Posts: 202
Default Vulnerabilities in the PDF distiller - Interim Security Update 2

Please Login to Remove!

see KB from yesterday - View Document

anybody already installed the Interim Security Update 2 ?
any problems ?
Offline  
Old 01-13-2009, 10:14 AM   #2
wunderbar
Talking BlackBerry Encyclopedia
 
wunderbar's Avatar
 
Join Date: Jun 2007
Location: Edmonton AB, Canada
Model: 9630
Carrier: Telus
Posts: 300
Default

I just noticed this too. It's making the Tech news sites

BlackBerry issues interim security patch | Security - CNET News

I'm going to download and look to see if I can schedule some downtime for tonight. I'm only at 4.1.6 MR2 though, so I'll probably have to do MR3 and then this seperate patch.
__________________
Blackberry Admin
BES 5.0.2 MR4
Exchange 2010 SP1 RU2
Blackberry 9630
WES 2008 Alumni

Last edited by wunderbar; 01-13-2009 at 10:15 AM..
Offline  
Old 01-13-2009, 11:23 AM   #3
DarthBBerry
Wireless Sith Lord
 
DarthBBerry's Avatar
 
Join Date: Jan 2007
Location: Online
Model: iOS 6
Carrier: Verizon x2
Posts: 1,458
Default

PDFs blocked again..... *sigh*
__________________
DarthBBerry
6-Time BlackBerry World Champion (2007-2012)
BlackBerry® Certified Support Specialist v5.0
BlackBerry® Certified System Administrator v5.0
Offline  
Old 01-13-2009, 11:43 AM   #4
knottyrope
BlackBerry Elite
 
knottyrope's Avatar
 
Join Date: Jan 2008
Location: Massachusetts
Model: DT60
OS: 123456789
PIN: t of blood has been taken
Carrier: AT&T-US with I dee ten tee errors
Posts: 7,325
Default

I just got them.

I do not like they way they named the files. somewhat clueless.

4.1.pdf instead of 4.1.6 MR3 release notes.pdf

BlackBerry_Enterprise_Server_Version_4.1.pdf instead of 4.1.6 Interim Security Software Update 2.pdf


And it also states that you need to reapply it unless you are MR4.
So update the service pack first then the PDf fix.
__________________
I had to fall
To lose it all
But in the end
It doesn't even matter

Rocking the Motion with out lotion.

Last edited by knottyrope; 01-13-2009 at 11:54 AM..
Offline  
Old 01-13-2009, 12:17 PM   #5
CanadianCrack
Thumbs Must Hurt
 
Join Date: Apr 2008
Location: Canada
Model: 9800
PIN: N/A
Carrier: MTS
Posts: 71
Default

Thanks for the heads up!!


I also just blocked pdf's again.
Offline  
Old 01-13-2009, 12:36 PM   #6
mahoward
CrackBerry Addict
 
mahoward's Avatar
 
Join Date: May 2005
Model: 8900
Carrier: T-Mobile
Posts: 560
Default

So basically, after the first interim fix last year, they forgot to include the fix in the subsequent MR's?

Brilliant.

Edit: Ok, maybe they are new and different. Still, what a pain.
__________________
BESX 4.1.7 on Exchange 2003: 65 Devices
BESX 5.0.3 on Exchange 2003: 2007 Devices

Last edited by mahoward; 01-13-2009 at 12:38 PM..
Offline  
Old 01-13-2009, 02:00 PM   #7
Jadey
BBF War Game Mod
 
Jadey's Avatar
 
Join Date: Oct 2006
Location: Denver CO
Model: Z10
OS: 10010614
PIN: SEEKRIT innit
Carrier: AT&T
Posts: 4,294
Default

Boo
__________________
Jadey : Infrastructure Architect, Denver CO
Offline  
Old 01-13-2009, 10:54 PM   #8
wunderbar
Talking BlackBerry Encyclopedia
 
wunderbar's Avatar
 
Join Date: Jun 2007
Location: Edmonton AB, Canada
Model: 9630
Carrier: Telus
Posts: 300
Default

Looks like this interm patch is harder to apply than we thought. I just downloaded it to apply it and all it is is 3 dll files. There are no instructions on how to properly apply these dll files. I assume you have to un-register the old one's delete them, then copy the new ones and re-register, but there does not appear to be any doucmentation for exactly how to apply it. I'm aborting for tonight, and will just have to disable PDF viewing on my devices for now.
__________________
Blackberry Admin
BES 5.0.2 MR4
Exchange 2010 SP1 RU2
Blackberry 9630
WES 2008 Alumni
Offline  
Old 01-13-2009, 11:11 PM   #9
Inphektion
CrackBerry Addict
 
Join Date: Oct 2004
Model: 9800
OS: 6.0.0.337
Carrier: (¯`·.¸at&t¸.·´¯)
Posts: 825
Default

?? when i downloaded it I also downloaded the release notes which give clear instructions. I applied this yesterday with no issues. But yes you are right with your instructions anyway. except they add to stop the attachment service and the dispatcher. Unregister the 3 dll's. copy over new ones. register new ones. start services. that's it.
Offline  
Old 01-14-2009, 01:44 AM   #10
Neo3000
Knows Where the Search Button Is
 
Neo3000's Avatar
 
Join Date: Jul 2008
Model: 9000
PIN: N/A
Carrier: TMO
Posts: 32
Lightbulb Installation script

Hi,

I build a small installation script for the PDF fix.

Just copy the new DLLs and the script together in a directory on the BES and start the script.

What it does:
1) Find BES installation directory via registry
2) Stop Blackberry Dispatcher, Blackberry Attachment Service and Blackberry Synchronization Service
3) Backup old files
4) De-register DLLs
5) Copy new files
6) Register DLLs
7) Start services

I tested it on 4.1.5 and 4.1.6 on Domino only. It may also work on Exchange, but you might have to change the service names.

Greetings,
Neo3000
Attached Files
File Type: zip SecurityUpdateInstaller.zip (1.1 KB, 123 views)
__________________
BES 4.1.7 (20 servers), Domino 7.0.3 with 19000+ users
BES 5.0.2 (8 server), Exchange 2010 SP1 with 1000+ users
Offline  
Old 01-14-2009, 09:40 AM   #11
knottyrope
BlackBerry Elite
 
knottyrope's Avatar
 
Join Date: Jan 2008
Location: Massachusetts
Model: DT60
OS: 123456789
PIN: t of blood has been taken
Carrier: AT&T-US with I dee ten tee errors
Posts: 7,325
Default

Sounds like a nice script.
I might play with it for exchange today if I get some time.
__________________
I had to fall
To lose it all
But in the end
It doesn't even matter

Rocking the Motion with out lotion.
Offline  
Old 01-14-2009, 10:01 AM   #12
wunderbar
Talking BlackBerry Encyclopedia
 
wunderbar's Avatar
 
Join Date: Jun 2007
Location: Edmonton AB, Canada
Model: 9630
Carrier: Telus
Posts: 300
Default

That's very weird, because I tried to download the release notes as well, and the link wasn't working. This morning, it is. Maybe I need to double check the specific computer I was trying to download the release notes too. I dunno. As it stands I now have the release notes, and will go install the patch, and try to remove my foot from my mouth.
__________________
Blackberry Admin
BES 5.0.2 MR4
Exchange 2010 SP1 RU2
Blackberry 9630
WES 2008 Alumni
Offline  
Old 01-14-2009, 10:25 AM   #13
mahoward
CrackBerry Addict
 
mahoward's Avatar
 
Join Date: May 2005
Model: 8900
Carrier: T-Mobile
Posts: 560
Default

Quote:
Originally Posted by Neo3000 View Post
Hi,

I build a small installation script for the PDF fix.

Just copy the new DLLs and the script together in a directory on the BES and start the script.

What it does:
1) Find BES installation directory via registry
2) Stop Blackberry Dispatcher, Blackberry Attachment Service and Blackberry Synchronization Service
3) Backup old files
4) De-register DLLs
5) Copy new files
6) Register DLLs
7) Start services

I tested it on 4.1.5 and 4.1.6 on Domino only. It may also work on Exchange, but you might have to change the service names.

Greetings,
Neo3000
I was going to do this myself but thought.... bah don't have the time.

THANKS!
__________________
BESX 4.1.7 on Exchange 2003: 65 Devices
BESX 5.0.3 on Exchange 2003: 2007 Devices
Offline  
Old 01-14-2009, 09:34 PM   #14
felice
New Member
 
Join Date: Jan 2008
Model: 8700
PIN: N/A
Carrier: -
Posts: 1
Default

Is Interim Security Software Update "2" replace Interim Security Software Update "1"?
(in actuality "1" is not added)

the version of .dll files are,
Interim Security Software Update: version 4.1.4.18
Interim Security Software Update 2: version 4.1.4.19

*our BES are 4.1.4 MR6.
Offline  
Old 01-15-2009, 10:06 AM   #15
knottyrope
BlackBerry Elite
 
knottyrope's Avatar
 
Join Date: Jan 2008
Location: Massachusetts
Model: DT60
OS: 123456789
PIN: t of blood has been taken
Carrier: AT&T-US with I dee ten tee errors
Posts: 7,325
Default

Yes it replaces it.
__________________
I had to fall
To lose it all
But in the end
It doesn't even matter

Rocking the Motion with out lotion.
Offline  
Old 01-15-2009, 01:02 PM   #16
fadmin
BlackBerry Extraordinaire
 
Join Date: Mar 2007
Model: Z10
OS: 10.1.0.19
Carrier: Fido
Posts: 1,068
Default

Quote:
Originally Posted by knottyrope View Post
Yes it replaces it.
Not according to RIM's KB... hmmmm :
View Document
Offline  
Old 01-15-2009, 04:58 PM   #17
MarkF
Thumbs Must Hurt
 
Join Date: Mar 2005
Model: Torch
Carrier: ATT
Posts: 179
Default

NEO3000 - I used your script with no changes at all and it worked beautifully on my BES v4.1.6 MR2 Exchange version. One BES down, 23 more to go!!

Can't thank you enough!
Offline  
Old 01-15-2009, 05:25 PM   #18
MarkF
Thumbs Must Hurt
 
Join Date: Mar 2005
Model: Torch
Carrier: ATT
Posts: 179
Default

Just noticed - Have to edit the script: replace 'Blackberry Attachment Service' with 'BBAttachService' .
Offline  
Old 01-15-2009, 05:32 PM   #19
knottyrope
BlackBerry Elite
 
knottyrope's Avatar
 
Join Date: Jan 2008
Location: Massachusetts
Model: DT60
OS: 123456789
PIN: t of blood has been taken
Carrier: AT&T-US with I dee ten tee errors
Posts: 7,325
Default

Quote:
Originally Posted by fadmin View Post
Not according to RIM's KB... hmmmm :
View Document
My version is 4.1.6.12 on the DLL.

The old one (1) for SP5 was 4.1.5.18
The new one (2) for SP5 is 4.1.5.22

My guess he has PRO and it does need the newer version, hope he did not download the wrong version. This could get confusing fast.
__________________
I had to fall
To lose it all
But in the end
It doesn't even matter

Rocking the Motion with out lotion.

Last edited by knottyrope; 01-15-2009 at 05:38 PM..
Offline  
Old 01-19-2009, 05:03 PM   #20
ZeroKool
Talking BlackBerry Encyclopedia
 
ZeroKool's Avatar
 
Join Date: Aug 2006
Location: stl, MO
Model: 8330
PIN: nope
Carrier: verizon
Posts: 314
Default

soo....When you apply this patch is removes the pdf distiller? Cause mine is gone now...whats the deal?
__________________
Me likey BlackBerry
Offline  
Closed Thread


Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


Grandstream WP810 Dual Band Portable Wi-Fi Phone Voip Phone and Device- picture

Grandstream WP810 Dual Band Portable Wi-Fi Phone Voip Phone and Device-

$42.95



Digium D-60 VoIP Phone picture

Digium D-60 VoIP Phone

$39.99



Polycom SoundPoint IP 335 HD Corded VoIP Phone Office Business Phone Black picture

Polycom SoundPoint IP 335 HD Corded VoIP Phone Office Business Phone Black

$18.00



NEW CyberData Amplifier 011061B VoIP V2 Paging picture

NEW CyberData Amplifier 011061B VoIP V2 Paging

$89.99



Mitel 5330e Enhanced Gigabit (50006476) BACKLIT Display POE IP NEW picture

Mitel 5330e Enhanced Gigabit (50006476) BACKLIT Display POE IP NEW

$139.00



Allworx Verge 9308 Voip IP Display Phone 8113080 Black, Ethernet VOIP picture

Allworx Verge 9308 Voip IP Display Phone 8113080 Black, Ethernet VOIP

$88.09







Copyright © 2004-2016 BlackBerryForums.com.
The names RIM © and BlackBerry © are registered Trademarks of BlackBerry Inc.