February 11, 2009, 8:46 AM — Research iIn Motion has patched a piece of software for Windows PCs that could leave them vulnerable to attack when loading new applications onto BlackBerry devices.
The flaw lies in an ActiveX control used to load third-party applications onto BlackBerrys connected to a PC via a USB cable. An ActiveX control is a small add-on program that works in a Web browser to facilitate the downloading of programs or security updates. However, the controls have been prone to vulnerabilities.
RIM said in an advisory that a vulnerability is introduced to a PC when someone runs the BlackBerry Application Web Loader Version 1.0 ActiveX control with any version of Microsoft's Internet Explorer browser. The advisory contains a link to the patch.
The vulnerability is an exploitable buffer overflow, which is a problem in memory that could allow an unauthorized program to run. RIM didn't give details on how it might be exploited.
However, the U.S. Computer Emergency Readiness Team (CERT) said an attacker could be able to execute arbitrary code with the privileges of a user by getting that user to view a specially-crafted HTML document. It could also cause Internet Explorer to crash, CERT wrote in an advisory.
The problem scores a 9.3 on the Common Vulnerability Scoring System (CVSS), a way to evaluate the danger of a flaw. A score of 10 is considered the most dangerous, and anything above a seven is considered highly severe.
RIM advises that customers apply the patch. In its latest security updates on Tuesday, Microsoft also released a "kill bit" for the affected ActiveX control. A kill bit blocks an ActiveX control from running in Internet Explorer.
