This is really starting to get ridiculous. I know many companies that have just disabled the PDF distiller on the BES server this past year and never plan on re-enabling it. That is exactly what RIM recommends every time one of these vulnerabilities are identified. RIM has just patched the 4th PDF Distiller vulnerability they have had since the first one on July 10th. Anybody noticing a trend here? Is RIM going to finally overhaul the PDF Distiller instead of patching it every few months?
You can find the details about the latest PDF patch at this link
As a point of reference here are the last few PDF vulnerabilities including the latest:
- Vulnerabilities in the PDF distiller of the BlackBerry Attachment Service for the BlackBerry Enterprise Server (May 26, 2009)
- Vulnerabilities in the PDF distiller of the BlackBerry Attachment Service for the BlackBerry Enterprise Server (April 16, 2009)
- Vulnerabilities in the PDF distiller of the BlackBerry Attachment Service for the BlackBerry Enterprise Server (January 12, 2009)
- Vulnerability in the PDF distiller of the BlackBerry Attachment Service for the BlackBerry Enterprise Server (July 10, 2008)