BlackBerry users advised to disable JavaScript after hack hole spotted

RIM has warned BlackBerry users and IT departments to disable JavaScript on their handsets, after the identification of a security flaw that could give hackers unauthorized access to the smartphones after visiting a compromised site. The loophole, which affects devices running BlackBerry 6, could in theory allow access to devices' memory cards and any data stored on them.

The media storage partition on the phone is also compromised, however the application storage section is now; that means applications and user data such as email, calendar and contact entries are safe from access. RIM is also keen to point out that, barring tests, no signs of the exploit being used publicly have been spotted.

The culprit is the way the BlackBerry browser uses the WebKit engine, with the exploit being identified at the recent Pwn2Own challenge. RIM is advising JavaScript be turned off in the BlackBerry 6 browser until it can patch the security lapse.