Research In Motion has released a Security Advisory to address a vulnerability in the BlackBerry Enterprise Server. This vulnerability is due to the improper processing of PDF files within the distiller component of the BlackBerry Attachment Service. By convincing a user to open a maliciously crafted PDF attachment on a BlackBerry smartphone, an attacker may be able to execute arbitrary code on the system running the BlackBerry Attachment Service.
DarkFiber Consulting encourages users to review BlackBerry Security Advisory KB15766 and apply the resolution or implement the workarounds listed in the document to help mitigate the risk.
DarkFiber Consulting will provide additional information as it becomes available.