BlackBerry issues 'critical' security warning for Z10 phones

BlackBerry issues 'critical' security warning for Z10 phones

Summary: The first flagship BlackBerry 10 phone contains a "critical" bug that could allow hackers to crack open the device and pilfer files and data.

SHARE:
TOPICS: Security, BlackBerry
5
bb-z10-back-620x371
(Image: BlackBerry/RIM)

BlackBerry has issued a security advisory notice to those who have bought its flagship Z10 touchscreen smartphone — the first BlackBerry 10 device to launch following the company's bid for revival, back in February.

The advisory, which was issued earlier this month, notes a bug that relates to BlackBerry Protect, its security and backup utility, rather than the phone's operating system itself. 

According to the advisory, an escalation of privilege vulnerability exists in the software of some Z10 phones that could allow a malicious app to "take advantage" of weak permissions in the in-built security software. This could allow a hacker to gain access to the device's password, and intercept and prevent the device from being wiped.

The "critical" factor is that the security flaw could dupe the device's user into installing an app which resets the device password through BlackBerry Protect. Though the device may be in the user's hands, the device's data is under the control of the hacker.

BlackBerry 10 version 10.0.10.261 and earlier devices are affected by the critical bug, except version 10.0.9.2743. BlackBerry 7 and earlier users are not affected, and neither are those who upgraded to BlackBerry 10.1 in recent weeks.

BlackBerry said in the advisory that the bug is "not currently being actively exploited," but BlackBerry Z10 owners and IT administrators who deploy BlackBerry Z10 smartphones in an enterprise should update their devices as soon as possible.

Enterprise users can also set their BlackBerry Enterprise Server policies to mitigate any unauthorized access. 

Topics: Security, BlackBerry

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

5 comments
Log in or register to join the discussion
  • Keep your phone/tablet/pc/system

    Manufacturers are constantly uncovering bugs. Keeping up to date... nobody wants to do it... should be a must. Cheers.
    SinfoCOMAR
  • ... updated

    :)
    SinfoCOMAR
    • old news

      this was a month's old news, why bring it up now. such coincidence when share price is going up, shorts are scared huh?
      cecilia_cc
  • Hehe...

    Lol.
    Nate650@...
  • No big deal

    It was discovered, remedied, and fixed. The version affected was 10 point oh point yada yada yada, so they are already getting 10 point two rolled out. Just like Windows has new downloads to constantly address issues, so do phone companies. The evil hackers NEVER sleep, witness the latest debacle to strike Apple which is the ability for hackers to get into any Apple device through the charger! Yikes!
    Chippy55