BlackBerry

BlackBerry updates BES10 addressing Heartbleed OpenSSL vulnerability

On Friday, we reported how BlackBerry released updates to BBM for Android and BBM for iOS. One of the fixes in both apps was to patch the security vulnerability pertaining to the Heartbleed OpenSSL vulnerability.

They have now released an upgrade to BlackBerry Enterprise Server 10, which patches the Heartbleed vulnerability in BES 10.

The following changes have been implemented:

  • Added affected and non-affected versions for Universal Device Service component of BlackBerry Enterprise Service 10.
  • Added fixed versions of Secure Work Space for iOS and Android and BBM for iOS and Android to Non-Affected Software
  • Added version information for Secure Work Space for iOS and Android and BBM for iOS and Android in Affected Software
  • Updated Workarounds and Mitigations:
    • added instructions for applying the fix to Universal Device Service version 10.1.1. and later to Workarounds
    • added mitigations for affected Universal Device service versions
    • specified that they apply only to affected versions of Secure Work Space for iOS and Android, BBM for iOS and Android

Server admins should apply the upgrade as soon as possible.[signoff predefined=”Enjoy this?” icon=”icon-users”][/signoff]