BlackBerry issues security patch

By Reuters
Boston, 04 Jun 2009

BlackBerry maker Research In Motion (RIM) has issued a security patch for the popular device, whose users include US president Barack Obama, warning it is vulnerable to attacks by hackers.

RIM issued the security warning last week in a bulletin on its Web site, but officials could not be reached to comment on details of the patch.

If the patch is not applied, security experts said, there is a risk that hackers could exploit the vulnerability, though they have not done so yet.

Such problems are not unique to RIM. Technology companies constantly battle to stay ahead of increasingly sophisticated hackers. Every time a vulnerability is identified, there is potential for hackers to exploit it.

"It is a serious problem. You need to read the advisory and implement a fix before the hackers try to take control," said Graham Cluley, a senior researcher with anti-virus software maker Sophos.

When companies publicise security flaws, criminals rush to exploit them because it can take weeks or months for users to learn of such problems and protect against them.

Businesses often hold off on installing patches so they can test them to make sure the new software is compatible with other programs in their network. Sometimes a patch can cause other types of software to malfunction.

The newly disclosed vulnerability could allow hackers to take control of servers running BlackBerry systems by sending e-mails with tainted attachments in Adobe Systems' PDF format, according to computer security researchers.

If the device's user opens one of those attachments, it would seek to install malicious software on the server at the data centre that runs a company's BlackBerry network. Hackers could then covertly use that server to send spam or steal corporate data.

"All kinds of nastiness could occur," Cluley said.

A spokesman for Symantec, the world's biggest maker of security software, said the cost of such an attack would be greater than the value of the BlackBerry since it would hit the far bigger corporate network itself.

RIM issued patches to resolve similar problems in January.

The Canadian company pays close attention to such issues because it prides itself on its security, counting intelligence agencies and top executives at the world's largest corporations among its customers.

RIM suggests businesses block their users from opening attachments until they install the patch. The advisory is posted here.