Fresh from yesterday's revelations about BlackBerry security holes discovered by GCHQ at 2009's G20 meetings, BlackBerry is fighting similar claims against its newest BlackBerry 10 platform.
BlackBerry posted an advisory on its Knowledge Base site several days ago, explaining that a weakness in certain software versions on a specific handset (the Z10) introduced a level of "customer risk" which could lead to the device downloading "a specifically crafted malicious app".
Web and mobile security firm Zscaler has investigated the vulnerability itself, with the company's vice president of security research Michael Sutton declaring that "a fairly specific chain of events" would have to take place in order to bring about "a successful exploitation".
In accordance with BlackBerry's claims, a Z10 user would need to be running a version of BB10 older than 10.0.10.648, would need to activate BlackBerry Protect (BlackBerry's recovery application that is turned off by default), and would need to be subjected to social engineering to reset a password, as well as be persuaded to install the "malicious app".
"BlackBerry has historically had a strong reputation for building a secure operating system, making it a popular choice for security conscious enterprises, even as Apple and Google have dramatically eaten away at their overall market share," said Sutton.
