BlackBerry

BlackBerry release BlackBerry Priv January security patch

BlackBerry have promised to release security patches on a monthly basis for the BlackBerry Priv, and so far they are keeping good on that promise.

The BlackBerry Priv January update (AAD250) is now rolling out to Priv’s worldwide.

The update comes in at 16Gb and updates 47 apps.

The table below contains a list of security vulnerabilities, the Common Vulnerability and Exposures ID (CVE), and their assessed severity.
[table style=”table-striped”]

Issue CVE Severity
Remote Code Execution Vulnerability in Mediaserver CVE-2015-6636 Critical
Elevation of Privilege Vulnerability in misc-sd driver CVE-2015-6637 Critical
Elevation of Privilege Vulnerability in the Imagination Technologies driver CVE-2015-6638 Critical
Elevation of Privilege Vulnerabilities in Trustzone CVE-2015-6639 Critical
Elevation of Privilege Vulnerability in Kernel CVE-2015-6640 Critical
Elevation of Privilege Vulnerability in Bluetooth CVE-2015-6641 High
Information Disclosure Vulnerability in Kernel CVE-2015-6642 High
Elevation of Privilege Vulnerability in Setup Wizard CVE-2015-6643 Moderate
Elevation of Privilege Vulnerability in Wi-Fi CVE-2015-5310 Moderate
Information Disclosure Vulnerability in Bouncy Castle CVE-2015-6644 Moderate
Denial of Service Vulnerability in SyncManager CVE-2015-6645 Moderate
Attack Surface Reduction for Nexus Kernels CVE-2015-6646 Moderate

[/table]

You can check out full details of the Security Bulletin January 2016 here.
priv january update

If you own a Priv and are not seeing the system update message, you can check manually by heading into Settings -> About phone -> System updates and checking manually.

We will update this post as we receive further information on the update.