- CrackBerry Genius
02-18-13, 05:54 PM #5
- 3,739 Posts
- 02-18-13, 05:55 PM #6
BB made fixes, isn't that routine business as usual?
18 February 2013, 12:08
BlackBerry Enterprise Server vulnerable to dangerous TIFFs
BlackBerry has published details of critical vulnerabilities in components of its BlackBerry Enterprise Server (BES). The holes allow attackers to execute arbitrary code on systems running BlackBerry Enterprise Server.
The flaws affect the BlackBerry MDS Connection Service and BlackBerry Messaging Agent when they are processing TIFF images for rendering on BlackBerry smartphones. The MDS Connection Service flaw requires an attacker to create a web page and persuade a BlackBerry smartphone user to view that page and click on a link. With the Messaging Agent flaw it is possible for an attacker to embed a specially crafted image into an email to a user of the enterprise server; it is not necessary for a user to click on anything or even attempt to view the message for the exploit to take place. The underlying bugs, CVE-2012-2088 and CVE-2012-4447 exist in the libtiff library and are fixed in BES 5.0.4 MR2.
BES Express versions 5.0.2 to 5.0.4, BES for Microsoft Exchange and Lotus Domino 5.0.2 to 5.0.4, and BES for Novell Groupwise, 5.0.1 to 5.0.4 are all affected, as are earlier versions that are no longer supported by BlackBerry. There are interim security updates available for patching purposes or administrators can upgrade to version 5.0.4 MR2 which includes fixes for this and other issues. BlackBerry also offers some workarounds which involve removing the vulnerable image.dll handler and blocking inline image handling.
BlackBerry Enterprise Server vulnerable to dangerous TIFFs - The H Security: News and Features
- 02-18-13, 05:57 PM #7
There has been no mention of a possible withdrawal from the Korea market, but the company has not denied the rumours either.
- 02-18-13, 06:23 PM #8
Yeah.. I'm not too sure on these articles after reading them for me to state how critical they are. There's not a lot of confirmation on the Korean story and the other looks like a basic secutiry patch.
I'm sure someone in the media will get a hold of it and blow it out of proportion as they usually tend to do with BB.. but for me I don't see much here that has confirmed anything major.
- 02-18-13, 06:41 PM #10
- 02-18-13, 06:45 PM #11
There has been widespread speculation that Lenovo may be looking to license BB10. If there is any truth to this whatsoever, it may well be that part of that deal might call for BB themselves to depart Japan and S. Korea and leave those markets to their licensee.
That idea is kind of "out there", but I could kind of see it.
- 02-18-13, 06:51 PM #12
Speaking of survival..here is one thing I feel postable.
My wife and I flew into Palm Springs today and one of the first stops was at a T-MOBILE shop to pick up a sim card..
There were four store employees and three customers...when I pulled out my Z10 everyone in the store..
And I mean everyone came over to see it and get a quick try...without exception they all liked it and four of them said for sure they were going to get one when they are available.
Pretty cool I think.
Posted using CrackBerry App on BB10
- 02-18-13, 07:02 PM #13
- CrackBerry Genius
02-18-13, 07:32 PM #15
- 2,291 Posts
Not understanding the S Korea story... if the carrier says they will continue with BB where is the story.... could it happen?? sure... but would not be a first...HTC has already withdrawn from that market..... As for the Malware article... do remember it was actually BB who announced it which means they are on top of it.... that is the mark of a company who has it together.... When did Apple issue a warning about the Exchange server and password security ????
- 02-18-13, 11:25 PM #17
I think whatever results in operational efficiencies is good for BB. Losing the Korean market would be unfortunate, but the reality is that BB is not Samsung; they cannot be everywhere, they simply don't have the resources to do so. Even the iPhone can barely make inroads in the Korean market, as Samsung and LG have it wrapped up pretty tight.
The Galaxy Note series of phones is especially popular in Korea (and several East Asian coutries actually) and BB doesn't have anything to compete with that. The Note 2's last announced sales figures were 5 million globally and a full 1 million of those were in Korea. LG has also been working hard to tap the phablet market and will release the Optimus G Pro (5.5 inches, very similar to the G Note 2) in Korea next week. They've also sold 1 million Optimus G (4.7 inch) phones globally, again many of them in Korea.
- CrackBerry Abuser
02-19-13, 02:05 AM #18
- 471 Posts
If there is a carrier that wants to support BB10 in S Korea then the only smart choice would be to supply them with BB10 devices. The most important part of the success of Blackberry is the release of the BB10 OS. It is easiest and quickest way to spread the QNX virus. Once it is out there in the global market it will infect all electronics equipment for at least a decade until someone creates a better, stronger virus. Thats just my own opinion and I hope I don't offend anyone.
- 02-19-13, 08:23 AM #20
- 02-19-13, 11:44 AM #22
I have clearly been discussing the magnitude of this if it's true, and I made that very clear. Contrary to his assertion, the fact that BB was questioned about this, and refused to deny it, but rather, gave an evasive answer, in fact lends credence to the idea that it is a possibility worth considering. If somebody else doesn't even want to think about it, so be it, but simply saying "unsubstantiated!" at those who are discussing it, is not constructive, and borderline rude.
However, his assertion that their is evidence to "the contrary" would then be untrue...or more specifically, none has been presented at this point.
- 02-20-13, 02:44 PM #24
Exactly how do you withdraw from a market? Presumably BB would be fine with allowing carriers to sell the product in any country they want to. Does that mean they aren't going to do any advertisements in that market? Well, if the ad cost is not covered by the profit made on sales, they should stop buying ads. If they choose not to provide the native language in that country, let the carriers decide if they want to pay for the native language development costs. If they don't want to, then sell the phones with whatever language they have and let the buyers decide. The idea of withdrawing from a market really just means they are not going to spend any money trying to sell in that market. It does not mean the product is not going to be available there.
I have said BB should not bother selling in the USA market. By that I mean they should not spend any money trying to sell in that market. The carriers can do whatever they want in terms of advertising, supporting and selling the Z10 in the states. If BB ignores the US market they will have lots more money to sell in India and China where the market are not saturated with iPhones and upper income buyers may be less interested in Android.
02-20-13, 04:47 PM #25
- 2,621 Posts
Since the Android market is saturated, BB10 would be attractive I would think. Windows 8 doesn't seem to be doing so well, in mobility at least.
- By alvarezjpr in forum General BlackBerry DiscussionReplies: 102Last Post: 10-23-13, 10:06 PM
- By mrskycar in forum BlackBerry OS AppsReplies: 5Last Post: 11-06-12, 03:25 PM
- By robslaw in forum Mac UsersReplies: 15Last Post: 11-09-08, 09:53 PM
- By janenebu in forum BlackBerry OS AppsReplies: 3Last Post: 09-12-08, 04:14 PM
- By crewdogg in forum BlackBerry Pearl 81xxReplies: 2Last Post: 08-26-08, 11:59 PM