BlackBerry said it plans to release security updates for messaging software for Android and iOS devices by Friday to address vulnerabilities in programmes related to the “Heartbleed” security threat.
Researchers last week warned they uncovered Heartbleed, a bug that targets the OpenSSL software commonly used to keep data secure, potentially allowing hackers to steal massive troves of information without leaving a trace.
Security experts initially told companies to focus on securing vulnerable websites, but have since warned about threats to technology used in data centers and on mobile devices running Google's Android software and Apple's iOS software.
Scott Totzke, BlackBerry senior vice-president, told Reuters on Sunday that while the bulk of BlackBerry products do not use the vulnerable software, the company does need to update two widely used products: Secure Work Space corporate email and BBM messaging program for Android and iOS.
He said they are vulnerable to attacks by hackers if they gain access to those apps through either WiFi connections or carrier networks.
Still, he said, “The level of risk here is extremely small” because BlackBerry's security technology would make it difficult for a hacker to succeed in gaining data through an attack.
“It's a very complex attack that has to be timed in a very small window,” he said, adding that it was safe to continue using those apps before an update is issued.
Technology firms and the US government are taking the threat extremely seriously. Federal officials warned banks and other businesses on Friday to be on alert for hackers seeking to steal data exposed by the Heartbleed bug.
Companies including Cisco Systems, Hewlett-Packard, International Business Machines, Intel, Juniper Networks, Oracle Red Hat have warned customers they may be at risk. Some updates are out, while others, like BlackBerry, are rushing to get them ready.