BlackBerry warns against software faults

BlackBerry warns against software faults

BlackBerry has released two security bulletins this week, which it says could compromise both the security and functionality of its Playbook and Z10 devices.

One of the flaws was found in Adobe Flash for both the BlackBerry Playbook and Z10 touchscreen smartphone, while the other was related to the BlackBerry Protect application for the Z10.

In a statement, the company reassured customers that it would be difficult for malicious users to take advantage of flaws in BlackBerry Protect, as it relies on the application first being enabled, then used to reset the password, and actually having physical access to the phone itself.

However, if an attacker manages to meet all of those requirements, it can cause havoc with the bring your device (BYOD) safety features within the Z10.

BlackBerry has subsequently stressed the importance of ensuring that any passwords for work uses are separated from any personal information.

In a blog post for Naked Security, writer Chester Wisniewski explained: "While BlackBerry's latest OS lets users segregate their work and home lives using perimeters, those are only secure if you use different credentials to access each.

"Even worse, if you use the same password on your phone, your work perimeter, home perimeter and Active Directory credentials, one mistake brings down the whole house of cards."

He added that even when the chances of a security attack appear to be remote, it is still important for workers to apply a separate password to every facet of their device.

The company itself has also advised any users with earlier versions of the BlackBerry 10 operating system to download the latest software.

In a separate bulletin, it said that the issue surrounding Adobe Flash was yet to be maliciously exploited, and stressed that risks were limited due to the design of its latest operating system.

But BlackBerry claims that such security could be compromised by a successful phishing campaign, which could result from an email or webpage being accessed.

Again, the company has recommended that users download the latest version of its operating system.