BlackBerry Ltd Fixes Bug That Made Its App Vulnerable

BlackBerry Ltd Fixes Bug That Made Its App Vulnerable
user1462590383 / Pixabay

BlackBerry Ltd (NASDAQ:BBRY) (TSE:BB)’s latest OS, believed to be the most foolproof system in the world, has been found to have a vulnerability related to its app BlackBerry World. However, the Canadian smartphone company was quick enough to respond to the situation and has already fixed the bug.

Older versions still vulnerable

Through BlackBerry World, a user can search and download apps for their device. Blackberry World ensures that the right app is installed through application integrity checking. BlackBerry advisory says, “vulnerability exists in the BlackBerry World services download mechanism, which is used by the BlackBerry World app on affected BlackBerry 10 smartphones.”

Gates Capital Management Reduces Risk After Rare Down Year [Exclusive]

Gates Capital Management's ECF Value Funds have a fantastic track record. The funds (full-name Excess Cash Flow Value Funds), which invest in an event-driven equity and credit strategy, have produced a 12.6% annualised return over the past 26 years. The funds added 7.7% overall in the second half of 2022, outperforming the 3.4% return for Read More

BlackBerry World communications with the user device are also now completed over an SSL connection to minimize the risk of MITM attack. The user can view the BlackBerry World app by swiping the top and selecting “Settings,” which shows the version number at the bottom. A user can apply anything from the above-given solutions to protect the phone from malicious content.

However, in the older version of the operating system, the problem still persists. Versions 10.2, 10.2.1 and 10.3 of the BlackBerry World app are still affected by this vulnerability, says a report from Thread Post.

BlackBerry fixed the bug before any damage was done

As per the report, the vulnerability in these methods gives leverage to attacker, through a man in the middle attack, to identify a user’s BlackBerry World application download and then install malware on the device. Also an attacker through this vulnerability could gain access to the data or settings related to the malicious app.

Any intruder could replace the authorized download with a malicious app if he or she gains the man-in-the-middle (MITM) position between the user and the BlackBerry World servers. However, the company made it clear that only the BlackBerry World app on BlackBerry 10 can fall prey to this bug and also asked users to upgrade to the latest version if they have not done so.

In a research report, Canaccord Genuity analysts maintained their Hold rating on BlackBerry stock with a price target of $10. On Tuesday, BlackBerry shares closed down 1.77% at $8.90. Year-to-date, shares are up by over 22%.

No posts to display