I knew the exploit found in the BlackBerry 6 Browser at Pwn2Own would get a nice knee jerk reaction from RIM security. RIM was supposed to investigate to see if the vulnerability in the new BlackBerry 6 WebKit browser existed in new releases and it looks like they have. They have posted up a new Knowledge Base article talking about the new CVSS Score 6.8 vulnerability. The crazy thing is that RIM suggests and instructs users to disable JavaScript in the WebKit browser to protect themselves from this vulnerability.
That is a pretty tall order from RIM. The new BlackBerry 6 WebKit browser is THE best part of the BlackBerry 6 experience and it would not be so without JavaScript. I dare you to try it out. You will suddenly notice websites stop working left and right. Buttons you click on will stop working along with many other functions that require JavaScript.
I think this is a perfect chance for RIM to treat their actual customers right and run around the carriers with a quick marginal OS upgrade to fix the issue. RIM has for awhile had the ability to perform marginal updates compared to total OS updates. What do you think? The other option is for RIM to continue to recommend disabling JavaScript until every carrier puts out an updated OS build sometime in 2013.
Thanks Tim for the tip! via PocketBerry
Amir Saad ( View Profile) - Posts: