How to control a BlackBerry Enterprise Server with just a PDF

Sorry, I’m not actually going to tell you how to do that.

But Research In Motion (RIM), the company who make the BlackBerry smartphones beloved by corporate workers worldwide, has warned of a vulnerability in the way its devices handles PDF files which could allow hackers to remotely execute code.

According to a security advisory issued by the firm, hackers could send email message with an attached PDF file that, when opened by a BlackBerry mobile user, could cause code to be launched on the computer that hosts the BlackBerry Attachment Service. Of course, this isn’t the first time that this kind of problem with RIM’s BlackBerry has bubbled up.

RIM is advising that companies disable PDF file processing on the BlackBerry server until the patches are rolled out.

Sign up to our free newsletter.
Security news, advice, and tips.

As we’ve reported umpteen times before, hackers are increasingly exploiting the PDF file format to deliver malicious code to unsuspecting computer users.

As PDFs are so widely used and shared in business, most people wouldn’t think twice of clicking on them, making it imperative that corporations keep their security patches and anti-malware defences up-to-date.

Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.