No internet connection

No Internet Connection Detected

BlackBerry Z10 Security Vulnerability Warning - June 2013

BlackBerry has issued an advisory about the vulnerability in the BlackBerry Protect software, which affects the Z10 Smartphone.users of the BlackBerry® Q10 and Z10 Smartphones, running BlackBerry® 10 OS version 10.0.10.648 and later are not affected. BlackBerry Z10 users running earlier versions of the BlackBerry 10 OS are advised to update to the latest version of the OS, because this will fully protect them against this vulnerability.

BlackBerry Z10 Security Vulnerability Warning - June 2013
Advertisement

“BlackBerry Protect” helps you find your BlackBerry device and protect your device's data if your device is ever lost or stolen.  For more information about “BlackBerry Protect” software, please click here.

In order to exploit the vulnerability, the Blackberry user must have the software "BlackBerry® Protect” turned on, and download a specifically crafted malicious application. Also, the attacker must have physical access to the smartphone.

The vulnerability could allow a malicious application to:

  • Gain the device password if a remote password reset command had been issued through the BlackBerry Protect website.
  •  Intercept and prevent the smartphone from acting on BlackBerry Protect commands, such as a remote smartphone wipe.
  • With the device password and physical access to the smartphone, an attacker can:
  • Access the functionality of the smartphone (including the BlackBerry® Hub, apps, data, and the phone) by unlocking the smartphone.
  • Unlock the work perimeter on a BlackBerry Z10 smartphone that has BlackBerry® Balance™ technology enabled if the work perimeter password is the same as the device password.
  •  Access the smartphone over a USB tether with either BlackBerry Link or the computer’s file viewer, allowing access to the smartphone’s personal files, contacts, PIM data, and so on. The attacker could also access work perimeter content on BlackBerry Balance smartphones if the work perimeter is unlocked and access over a USB tether is allowed by a policy that the IT administrator sets.
  • Enable development mode after accessing the smartphone over a USB , allowing remote access as a low privilege development user.
  • Change the current device password, allowing the attacker to deny access to the legitimate user of the smartphone.
  • Access any other local and enterprise services for which the legitimate user has used the same password as the smartphone’s password.

BlackBerry Z10 owners and IT administrators who deploy BlackBerry Z10 smartphones in an enterprise should update their devices as soon as possible.

How can I find out what version of the BlackBerry 10 OS I am running?

  • From the home screen, swipe down from the top of the screen.
  • Tap  Settings.
  • Tap About, and view the OS Version field in the OS settings.

How to Manually Check for BlackberrySoftware Updates

  • From the home screen, swipe down from the top of the screen.
  • Tap  Settings, then Software Updates.
  • Tap Check for Updates.

For more information about this vulnerability, please click here.

Check the comment section below for additional information, share what you know or ask a question about this article by leaving a comment below. And, to quickly find answers to your questions, use our search Search engine.

Click here help maintain Online Threat Alerts (OTA).

Note: Some of the information in samples on this website may have been impersonated or spoofed.
Would you share this article with others?  +

Comments, Questions, Answers, or Reviews

There are no comments as yet, please leave one below or revisit.

To protect your privacy, please do not post or remove sensitive information in or from your comments, questions, or reviews.
Advertisement

Write Your Comment, Question, Answer, or Review

NB: We will use your IP address to display your approximate location to other users.

Your post will be set as an anonymous because you are not signed in. Anonymous posts cannot be edited or deleted. Sign-in.

Recommendations / Ads
BlackBerry Z10 Security Vulnerability Warning - June 2013