BlackBerry 10.2.1 Android Runtime BES Security Flaw Discovered

BlackBerry 10.2.1 Android Runtime BES Security Flaw Discovered

BlackBerry 10.2.1 recently began rolling out to users worldwide. The Android runtime, which allows you to install Android APKs directly, looks to have a security flaw.

Frank Büttner from the ABS Team GmbH has found that even while having a BES policy in place to block his business contacts, his installed Android apps such as Skype and Go Launcher EX were able to pull his BES contacts.

You can toggle the availability of this information with the “Personal Apps Access to Work Contacts” policy. There are three options for allowing apps access to your BES contact info: All, Only BlackBerry Apps, or None.

Though, as found by Büttner, no matter what policy is set in place the Android apps still have access to the work contacts. This is interesting in itself, as Android apps are not allowed on the work-side of BlackBerry 10, only native apps.

BlackBerry is now aware of the security flaw and has issued the following official statement to us:

[quote_box_center]”We have investigated an issue in the Android player involving specific app permissions, which will be addressed in a forthcoming software update.”[/quote_box_center]

BlackBerry will be at the mercy of the carriers to swiftly roll out an update. If you’re running Android apps that gain access to your contacts, beware.

Click to add a comment

Be the First to Comment!


 

@UberLucas

Founder of N4BB.com for the latest in mobile and tech news, leaks, reviews, videos, and much more.


More in

Angry-Birds-2-–-Gameplay-Teaser-1

Angry Birds 2 for Android Now Available

Lucas AtkinsJul 30, 2015
St.-Landry-Crime-Stoppers-looking-for-thief-who-broke-into-Stellys-Supermarket

‘Cheeseburger, with fries and coke’ Crime Stoppers Video Leads to Coca-Cola Plug Conspiracy

Lucas AtkinsJul 29, 2015
security

Google Adding New Security Warning Notifications on Android

Stefany BaezJul 29, 2015
jamestown1

Early American Leaders’ Bones Identified at Jamestown Site

Lucas AtkinsJul 29, 2015
aurora-brown-dwarf

Astronomers Find Auroras Beyond Our Solar System

Lucas AtkinsJul 29, 2015
volkswagen_logo_by_coldf

Volkswagens with Android Auto and Apple CarPlay Arriving in Showrooms this Week

Lucas AtkinsJul 29, 2015
drake-All-Me-Song-Leaked-By-leakSquadLive.com_

Drake Releases ‘Back to Back’ Meek Mill Diss

Lucas AtkinsJul 29, 2015
Windows_10_update

Windows 10 Mobile Arriving in November says Microsoft Exec

Lucas AtkinsJul 29, 2015
Torproject

Tor 0.2.7.2-alpha has Released

Lucas AtkinsJul 29, 2015