BlackBerry to release Android, iOS Heartbleed patches
Messenger, Secure Work Space could be vulnerable on third-party platforms
BlackBerry announced it would release security updates for its Messenger and Secure Work Space services for iOS and Android by Friday, in an effort to address vulnerabilities related to the Heartbleed flaw, Reuters reported.
Heartbleed affects the OpenSSL standard used on servers to ensure data security. The flaw in the software library allows malicious actors to potentially access as much data as they can copy without leaving any digital fingerprints.
Since the issue arose last week, security analysts have added mobile platforms and applications to the list of at-risk assets.
Reuters cited comments from Scott Totzke, BlackBerry senior vice president, who stressed that most of the Canadian firm's products did not use OpenSSL. But the Secure Work Space corporate email system and BBM messaging application for Android and iOS are exceptions and might be accessible through WiFi connections or carrier networks.
"The level of risk here is extremely small," he insisted, claiming BlackBerry's security technology would be sufficient to stop data being taken even if an incursion succeeded.
"It's a very complex attack that has to be timed in a very small window," he said, assuring users that they could continue safely using Messenger and Secure Work Space before an update is issued.