BlackBerry has begun patching the recent OpenSSL vulnerability known as Heartbleed on their Android and iOS offerings. The company has acknowledged the bug but have confirmed that none of their services have been affected by Heartbleed. They have, however, decided to make improvements on their BBM for Android/iOS and Secure Work Space for Android/iOS apps to address any further problems that could arise.
BlackBerry, and their own operating systems, BBOS and BB10, are not vulnerable to Heartbleed, so if you’re using any BlackBerry device, you’ve been secure, and still are. Apple and Google on the other hand, still use an OpenSSL connection, so even though blame would be on them for any security issues, BlackBerry is doing the responsible thing by patching up their apps within those OSes.
Is it okay to still use BBM for Android and iOS, and Secure Work Space for Android and iOS before an update is pushed? Scott Totzke, SVP of BlackBerry Security, said to Reuters, “The level of risk here is extremely small. It’s a very complex attack that has to be timed in a very small window.” He later added it was safe to continue using those apps before an update is released.