BlackBerry Ltd Fixes Bug That Made Its App Vulnerable

BlackBerry Ltd (NASDAQ:BBRY) (TSE:BB)’s latest OS, believed to be the most foolproof system in the world, has been found to have a vulnerability related to its app BlackBerry World. However, the Canadian smartphone company was quick enough to respond to the situation and has already fixed the bug.

Older versions still vulnerable

Through BlackBerry World, a user can search and download apps for their device. Blackberry World ensures that the right app is installed through application integrity checking. BlackBerry advisory says, “vulnerability exists in the BlackBerry World services download mechanism, which is used by the BlackBerry World app on affected BlackBerry 10 smartphones.”

Charlie Munger And Li Lu On The Need For Patient Investing

Charlie MungerA couple of years ago, Charlie Munger and Li Lu co-appeared in an interview in one of China's top finance magazines. As is the case with all of Munger's interviews and appearances, the interview contained some highly valuable insights and intelligent thoughts on life, investing, and psychology. Q2 2020 hedge fund letters, conferences and more Read More

BlackBerry World communications with the user device are also now completed over an SSL connection to minimize the risk of MITM attack. The user can view the BlackBerry World app by swiping the top and selecting “Settings,” which shows the version number at the bottom. A user can apply anything from the above-given solutions to protect the phone from malicious content.

However, in the older version of the operating system, the problem still persists. Versions 10.2, 10.2.1 and 10.3 of the BlackBerry World app are still affected by this vulnerability, says a report from Thread Post.

BlackBerry fixed the bug before any damage was done

As per the report, the vulnerability in these methods gives leverage to attacker, through a man in the middle attack, to identify a user’s BlackBerry World application download and then install malware on the device. Also an attacker through this vulnerability could gain access to the data or settings related to the malicious app.

Any intruder could replace the authorized download with a malicious app if he or she gains the man-in-the-middle (MITM) position between the user and the BlackBerry World servers. However, the company made it clear that only the BlackBerry World app on BlackBerry 10 can fall prey to this bug and also asked users to upgrade to the latest version if they have not done so.

In a research report, Canaccord Genuity analysts maintained their Hold rating on BlackBerry stock with a price target of $10. On Tuesday, BlackBerry shares closed down 1.77% at $8.90. Year-to-date, shares are up by over 22%.