Heartbleed, vulnerability in the encryption code, is now the heart of headlines for major web companies. It all started with Yahoo, followed by various other websites. BlackBerry has now joined the club, with plans to roll out security patches addressing Heartbleed vulnerabilities in the messaging software for iOS and Android devices.
In the wake of Heartbleed mobile threat, the company’s Senior Vice President, Scott Totzke, said in an interview with the Reuters that “while the bulk of BlackBerry products do not use the vulnerable software, the company does need to update two widely used products: Secure Work Space corporate email and BBM messaging program for Android and iOS.”
Totzke noted that it is possible for hackers to gain access to those apps though the level of risk is “extremely small.”
“It’s a very complex attack that has to be timed in a very small window,” he said and also added that it’s safe to continue using those apps before an update is issued.
Earlier last week, security researchers uncovered Heartbleed bug that has turned out into a web’s security disaster. The flaw is said to be introduced on New Year’s Eve 2011, by the programmer Robin Seggalmann.
Experts have been warning about the security threats uprising on mobile devices running Google’s Android software and Apple’s iOS software, claiming mobile apps to be likely vulnerable because they use OpenSSL code.
However, Google and Apple are yet to confirm if the mobile operating system platforms are affected by the Heartbleed bug.
Companies including Hewlett-Packard (HP), International Business Machines (IBM), Intel, Juniper Networks have warned customers that they may be at risk. Many companies have already patched the vulnerabilities with updates, while some are rushing to release the updates.
