I kid you not. A nasty bug has been found hiding in the Blackberry Desktop Manager. According to the FrSIRT (French Security Incident Response Team),
A vulnerability has been identified in BlackBerry Desktop Software, which could be exploited by attackers to compromise a vulnerable system. This issue is caused by an error in the FLEXnet Connect DWUpdateService ActiveX control.
To be honest, I don’t know how this vulnerability could be possibly “exploited by attackers”, how said attackers would “compromise a vulnerable system” and how “vulnerable” our systems really are, but why take risks, right? Take action now! The HispaSec Web site points out this official RIM article that explains how to fix the problem. Basically, you have to either download and install a new version of the Desktop Manager or just install a patch kindly provided by Roxio, who introduced the flaw in the first place. It happens in the best of families. Just read that page, it is informative and thorough. Prevention is better than remedy.
Luc ( View Profile) - Posts: