BlackBerry Release Statement About KRACK and BlackBerry Smartphones

Blackberry has published in its Knowledge Base an official response to the impact of the KRACK vulnerability on Android BlackBerry devices and devices working under UEM. According to the response, it seems that the delay in the arrival of the updates of October stems from the desire of BlackBerry to introduce the repair of the vulnerability this month.

According to the announcement, AAQ280 versions have already appeared as the October update for the BlackBerry PRIV device, and the AAQ281 and AAQ289 versions will contain the patch for the serious vulnerabilty.

Summary of impact on BlackBerry products

BlackBerry powered by Android smartphones

BlackBerry investigated the impact to its products and determined that BlackBerry powered by Android smartphones are affected by the following vulnerabilities: CVE-2017-13077, CVE-2017-13078, CVE-2017-13079, CVE-2017-13080, CVE-2017-13081, CVE-2017-13082, CVE-2017-13086, CVE-2017-13087 and CVE-2017-13088.

An updated software build to remediate these issues has been included in BlackBerry powered by Android builds identified by the Build numbers AAQ280, AAQ281, or AAQ289.

  • For customers with BlackBerry powered by Android smartphones purchased through ShopBlackBerry.com, BlackBerry has begun making the fix available and will continue to deploy builds as they become available.
  • For customers with BlackBerry powered by Android smartphones not purchased directly from BlackBerry, please consult your carrier or licensed manufacturer.

BlackBerry Enterprise products

Our enterprise solutions, including BlackBerry UEM, BlackBerry Dynamics, BBM Enterprise or BlackBerry Workspaces do not assume that the network used to carry the data is trustworthy, and therefore a weakness in the Wi-Fi protocol used as part of that network does not impact these solutions. Further, communication between UEM and devices is protected by additional layers of encryption. Please see Protecting data in transit in the BlackBerry UEM Security Note.

Actions for customers

BlackBerry recommends that all users of BlackBerry powered by Android smartphones should update to a build that contains the fix, as identified above, as soon as it is available. There is no action necessary for users of BlackBerry UEM, BlackBerry Dynamics, BBM Enterprise or BlackBerry Workspaces.

Source.

Roy Shpitalnik

lived the life of a BlackBerry since 2009 so I was first exposed to 8900. With Israeli cellular world history, training and knowledge for more on BlackBerry, I decided to join the community. When the Media bash BlackBerry on regular basis i decided to Join BerryIL.COM. The true must be published. Contact me on Twitter : @SimpleBerryRoy

Top