BlackBerry have promised to release security patches on a monthly basis for the BlackBerry Priv, and so far they are keeping good on that promise.
The BlackBerry Priv January update (AAD250) is now rolling out to Priv’s worldwide.
The update comes in at 16Gb and updates 47 apps.
The table below contains a list of security vulnerabilities, the Common Vulnerability and Exposures ID (CVE), and their assessed severity.
[table style=”table-striped”]
| Issue | CVE | Severity |
|---|---|---|
| Remote Code Execution Vulnerability in Mediaserver | CVE-2015-6636 | Critical |
| Elevation of Privilege Vulnerability in misc-sd driver | CVE-2015-6637 | Critical |
| Elevation of Privilege Vulnerability in the Imagination Technologies driver | CVE-2015-6638 | Critical |
| Elevation of Privilege Vulnerabilities in Trustzone | CVE-2015-6639 | Critical |
| Elevation of Privilege Vulnerability in Kernel | CVE-2015-6640 | Critical |
| Elevation of Privilege Vulnerability in Bluetooth | CVE-2015-6641 | High |
| Information Disclosure Vulnerability in Kernel | CVE-2015-6642 | High |
| Elevation of Privilege Vulnerability in Setup Wizard | CVE-2015-6643 | Moderate |
| Elevation of Privilege Vulnerability in Wi-Fi | CVE-2015-5310 | Moderate |
| Information Disclosure Vulnerability in Bouncy Castle | CVE-2015-6644 | Moderate |
| Denial of Service Vulnerability in SyncManager | CVE-2015-6645 | Moderate |
| Attack Surface Reduction for Nexus Kernels | CVE-2015-6646 | Moderate |
[/table]
You can check out full details of the Security Bulletin January 2016 here.
If you own a Priv and are not seeing the system update message, you can check manually by heading into Settings -> About phone -> System updates and checking manually.
We will update this post as we receive further information on the update.
