A posting in CNET New in there Security & Privacy Section:
BlackBerry has issued a security advisory notice to those who have bought its flagship Z10 touchscreen smartphone — the first BlackBerry 10 device to launch following the company’s bid for revival, back in February.
The advisory, which was issued last week, notes a bug that relates to BlackBerry Protect, its security and backup utility, rather than the phone’s operating system itself.
According to the advisory, an escalation of privilege vulnerability exists in the software of some Z10 phones that could allow a malicious app to “take advantage” of weak permissions in the in-built security software. This could allow a hacker to gain access to the device’s password, and intercept and prevent the device from being wiped.
The “critical” factor is that the security flaw could dupe the device’s user into installing an app which resets the device password through BlackBerry Protect. Though the device may be in the user’s hands, its data is under the control of the hacker.
To read more click here: