Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

BlackBerry releases BES 10 security update to address 'Heartbleed' flaw

Al Sacco | April 23, 2014
BlackBerry today released an update to its BlackBerry Enterprise Service (BES) 10 software designed to address a "Heartbleed"-related OpenSSL vulnerability in the version of Apache Tomcat used within the BES BlackBerry Work Connect Notification Service. (A detailed breakdown of the vulnerability is available on NIST.gov.)

BlackBerry today released an update to its BlackBerry Enterprise Service (BES) 10 software designed to address a "Heartbleed"-related OpenSSL vulnerability in the version of Apache Tomcat used within the BES BlackBerry Work Connect Notification Service.

BlackBerry first announced that it was investigating the implications of the Heartbleed vulnerability on BlackBerry products on April 10. The related BES flaw "could have allowed a potentially malicious user to obtain sensitive information," according to BlackBerry.

Any organization running BES 10 version 10.1.1, 10.1.2, 10.1.3, 10.2.0, 10.2.1 or 10.2.2 should apply the security patch immediately, according to BlackBerry

BES 10 version 10.2.2 Security Update 04221014 is available on the company's software downloads page. The release notes for the security update can be found here.

 

Sign up for CIO Asia eNewsletters.