Vulnerability in the PDF distiller of the BlackBerry Attachment Service for the BlackBerry Enterprise Server

Looks like there has been another vulnerability discovered in the BlackBerry Enterprise Server PDF distiller of the BlackBerry Attachment Service. This vulnerability scores 7.8 on the CVSS scale, so it is a high-risk vulnerability. You should apply the patch to your BES server ASAP.

See http://www.blackberry.com/btsc/search.do?cmd=displayKC&docType=kc&externalId=KB24761 for the details from RIM.

If you haven’t already done so, you really should have the attachment service running in a segmented network in order to prevent the spread of malware. The PDF distiller has required quite a few patches in the past few years and is, in my opinion, the weakest point in the whole BES architecture. See the BlackBerry technical notes on how to achieve segmentation here.