Uh-oh! Hackers at CanSecWest Pwn2Own contest were able to exploit vulnerabilities in the BlackBerry Torch WebKit browser and steal information using JavaScript.
Research in Motion is now urging BlackBerry users to disable JavaScript in the browsers of any BlackBerry running software version 6.0 or later to prevent hacking.
RIM issued a security advisory acknowledging the flaw, stating:
A successful exploit could allow the attacker to use the BlackBerry
Browser to access user data stored on the media card and in the built-in
media storage on the BlackBerry smartphone, but not to access user data
that the email, calendar and contact applications store in the
application storage (the internal file system that stores application
data and user data) of the BlackBerry smartphone.
The BlackBerry Security
Incident Response Team has not received any reports that this
vulnerability has been successfully exploited on a BlackBerry smartphone
outside of a test environment or has resulted in any impact to
BlackBerry customers.