Blackberry Patches Heartbleed Exploit

Recent OpenSSL Heartbleed attack left many of us with bleeding hearts and crumbling faith in internet security measures. Even if you have changed all your passwords and now are tired of hearing about the bug, you can rest assured that you are not in for any respite. There is going to be a lot of buzz around while companies reevaluate their security strategies. The conundrum surrounding the threat increased when security experts claimed that the vulnerability may have existed for a long time without being detected.

Heartbleed’s impact can be gauged from the fact that even BlackBerry, known for its robust security system, cannot escape unscathed. The bug targeted OpenSSL software, which is the most common method of securing data. However, the bug breached the security and made the data open to hackers. All the apps using the OpenSSL code are deemed to be vulnerable to the security threat.

Now among all the other companies, Blackberry is currently looking into the impact of Heartbleed on its services. Overall, Blackberry seems to be only mildly affected by the attack. Its senior vice president Scott Totzke said that the risk level is very small. He also added that only a very complicated attack can exploit the vulnerability of Blackberry, and then too it has to be timed in a small frame. This shows that Blackberry databases are largely unaffected by the attack.

The Canadian telecom giant has confirmed that its various offerings such as BlackBerry Enterprise Service 10, BlackBerry smartphones, BlackBerry Universal Device Server, and BlackBerry Enterprise Server 5 survived the vulnerability and are completely secure. Other than these services, BlackBerry 10 OS and BlackBerry 7.1 or earlier OS have also been confirmed to be safe and secure.

While BBM for BlackBerry is not affected by Heartbleed, BBM for Android and iOS was compromised and so was Secure Work Space for both these platforms. Currently, more than 85 million people use BBM app.

The company has yet to find a patch for these vulnerabilities. On the other hand, BlackBerry Link for Windows and Mac OS were also exploited, but since these services generally do not interact with internet directly, the negative impact was minimal. The company has also advised its customers to use the firewall system to block out Heartbleed requests.

Despite the fact that BlackBerry smartphones have been tested to be safe from the exploit, users have been asked to be extra vigilant and change their passwords nonetheless. The company is also looking to release security updates for its BBM iOS and Android by the end of this week. It will also issue the security patch for Secure WorkSpace corporate email.

Overall, BlackBerry’s security technology ensured that most of its products and services remained relatively safe during and after the attack. However, its services used on the third party devices were compromised since those devices did not conform to BlackBerry security standards. The company stated that the customers can keep using their devices until the updates are deployed. All the security patches are expected to be released by the end of this week.