http://www.informationweek.com/news/personal_tech/blackberry/showArticle.jhtml?articleID=213402873 By Thomas Claburn InformationWeek February 10, 2009 Research In Motion (NSDQ: RIMM) (RIM) on Tuesday issued a security advisory to those of its BlackBerry customers who are using BlackBerry Application Web Loader Version 1.0 and Microsoft (NSDQ: MSFT) Internet Explorer. A vulnerability in the BlackBerry Application Web Loader ActiveX control could allow an attacker to execute code remotely or to cause Microsoft Internet Explorer to crash, the company said. "An exploitable buffer overflow exists in the BlackBerry Application Web Loader ActiveX control that Internet Explorer uses to install applications on BlackBerry devices," RIM explains in its advisory. "When a BlackBerry device user browses to a Web site that is designed to install the BlackBerry Application Web Loader ActiveX control on BlackBerry devices over a USB connection, and clicks 'Yes' to install and run the ActiveX control, the ActiveX control introduces the vulnerability to the computer." RIM's warning comes in conjunction with a security advisory issued by Microsoft that updates its ActiveX kill bit list to include a kill bit to prevent the BlackBerry Application Web Loader ActiveX control from being exploited. [...] _______________________________________________ Best Selling Security Books & More! http://www.shopinfosecnews.org/Received on Tue Feb 10 2009 - 23:08:02 PST
This archive was generated by hypermail 2.2.0 : Tue Feb 10 2009 - 23:13:37 PST