»

BlackBerry Z10 Security Vulnerability Warning - June 2013

 +
BlackBerry Z10 Security Vulnerability Warning - June 2013

Would you share this article with others?

BlackBerry has issued an advisory about the vulnerability in the BlackBerry Protect software, which affects the Z10 Smartphone.users of the BlackBerry® Q10 and Z10 Smartphones, running BlackBerry® 10 OS version 10.0.10.648 and later are not affected. BlackBerry Z10 users running earlier versions of the BlackBerry 10 OS are advised to update to the latest version of the OS, because this will fully protect them against this vulnerability.

“BlackBerry Protect” helps you find your BlackBerry device and protect your device's data if your device is ever lost or stolen.  For more information about “BlackBerry Protect” software, please click here.

In order to exploit the vulnerability, the Blackberry user must have the software "BlackBerry® Protect” turned on, and download a specifically crafted malicious application. Also, the attacker must have physical access to the smartphone.

The vulnerability could allow a malicious application to:

  • Gain the device password if a remote password reset command had been issued through the BlackBerry Protect website.
  •  Intercept and prevent the smartphone from acting on BlackBerry Protect commands, such as a remote smartphone wipe.
  • With the device password and physical access to the smartphone, an attacker can:
  • Access the functionality of the smartphone (including the BlackBerry® Hub, apps, data, and the phone) by unlocking the smartphone.
  • Unlock the work perimeter on a BlackBerry Z10 smartphone that has BlackBerry® Balance™ technology enabled if the work perimeter password is the same as the device password.
  •  Access the smartphone over a USB tether with either BlackBerry Link or the computer’s file viewer, allowing access to the smartphone’s personal files, contacts, PIM data, and so on. The attacker could also access work perimeter content on BlackBerry Balance smartphones if the work perimeter is unlocked and access over a USB tether is allowed by a policy that the IT administrator sets.
  • Enable development mode after accessing the smartphone over a USB , allowing remote access as a low privilege development user.
  • Change the current device password, allowing the attacker to deny access to the legitimate user of the smartphone.
  • Access any other local and enterprise services for which the legitimate user has used the same password as the smartphone’s password.

BlackBerry Z10 owners and IT administrators who deploy BlackBerry Z10 smartphones in an enterprise should update their devices as soon as possible.

How can I find out what version of the BlackBerry 10 OS I am running?

  • From the home screen, swipe down from the top of the screen.
  • Tap  Settings.
  • Tap About, and view the OS Version field in the OS settings.

How to Manually Check for BlackberrySoftware Updates

  • From the home screen, swipe down from the top of the screen.
  • Tap  Settings, then Software Updates.
  • Tap Check for Updates.

For more information about this vulnerability, please click here.

Note: Some of the names, addresses, email addresses and telephone numbers in email samples on this website may have been impersonated.

Please share what you know or ask a question about this article by leaving a comment below. Also, check the comment section below for additional information, if there is any.

Remember to forward suspicious, malicious, or phishing email messages to us at the following email address: info@onlinethreatalerts.com

Also, report missing persons, scams, untrustworthy, or fraudulent websites to us. Tell us why you consider the websites untrustworthy or fraudulent.

If you want to quickly find answers to your questions, use our search engine.

You can help maintain Online Threat Alerts by paying a service fee. Click here to make payment.

Comments, Questions, Answers, or Reviews
There are no comments as yet, please leave one below or revisit.

To help protect your privacy, please do not post or remove, your full name, telephone number, email address, username, password, account number, credit card information, home address or other sensitive information in or from your comments, questions, or reviews.

Write Your Comment, Question, Answer, or Review
Write your comment, question, answer, or review in the box below to share what you know or to get answers. NB: We will use your IP address to display your approximate location to other users.
Your comment, question, answer, or review will be posted as an anonymous user because you are not signed in. Anonymous posts cannot be edited or deleted. Sign-in.

BlackBerry Z10 Security Vulnerability Warning - June 2013