Tag Archives: security

updated security bulletins from IBM

Two security bulletins have been updated today, they will give you a reason more to install IF 2 for IBM Notes 9.0.1 Fixpack 5 on Windows.

more details:

Security Bulletin: Vulnerability in MD5 Signature and Hash Algorithm affects IBM Notes
Security Bulletin: libpng related security vulnerabilities identified in IBM Notes

small update: installing the IBM Notes 64-bit 9.0.1 IF1 (for Mac) caused some issues.. I was not able to launch IBM Notes anymore, installing the IF1 again would launch an error that “the fix was only for the 64bit client” and therefore would not run. I ran the install for the 9.0.1 64-bit client again which fixed the problem and now the «About IBM Notes» shows:
Release 9.0.1 (64-bit) SHF619

FP/IF nightmare all over again or only a local issue?

Security Bulletin: Multiple vulnerabilities in IBM HTTP Server bundled with IBM Domino 9

In case you are using the IBM HTTP server bundled with an IBM Domino 9 server, you should get the fixes posted today.

From the Security Bulletin:

IBM recommends not using the IBM HTTP Server option and instead using “IBM Domino Interim Fixes to Support TLS 1.2”.
However, for those customers who have a continuing need to use IBM HTTP Server (IHS), the fix linked below will patch Domino 9.0.1 for Windows with IHS patch There is a W32 and a W64 version that should be used based on the 32-bit/64-bit edition of Domino that is installed.

you can find all details about the Security Bulletin here

Download the fix:

IBM Notes/Domino Security Bulletin: Vulnerabilities in the IBM Java SDK

Fresh from the press: new downloads available for IBM Notes and IBM Domino to fix the Java issues disclosed in the Oracle January 2015 Critical Patch Update.

This Java vulnerabilities affect all current versions of IBM Notes and Domino and if you don’t control some of the Java behaviour on the server or client via restrictions or ECL you should get these Java patches.

Direct links to patches for 9.0.1 FP3:


Get more information and direct download links to all the patches here.

BlackBerry Blend

One of the highlights with the BlackBerry OS update 10.3.1 is the availability of BlackBerry Blend.

Basically it gives you the opportunity to access data from your BlackBerry by pairing the device with your computer or tablet.
You then use the BlackBerry Blend app on your computer/tablet to access the BlackBerry Blend Dashboard which gives you access to work as well as personal accounts/data

BlackBerry Blend dashboard

You can read/answer your messages on a bigger screen and use the keyboard to type but the real benefit in my opinion is that you don’t have to configure your work account on your private tablet or transfer files from you device. As BlackBerry puts it “No saving to a cloud, no transferring information between devices. It’s just there.

There are a few settings which are controlled by BES policies so you might have to check with your admin if a feature does now work. Policies for BlackBerry Blend are available in BES 10.2.4 or later.

Find out more about BlackBerry Blend here

a long overdue “thank you”

A bit over a month ago René Winkelmeyer stirred up some dust with his discovery and blog post about the security issue with the new Outlook iOS/Android App. Shortly after his post, his colleague Detlev Pöttgen posted an easy solution to prevent the app from connecting to the Traveler server on his blog.

Because of the big security issue with this app, I’ve sent out an email, (yes, email, get over it) to our customers with the information about René’s discovery, Detlev’s solution and the recommendation to implement it as soon as possible.

The feedback has been very positive. What astonished me was that most customers had not heard about the issue at all.
Many customers replied and were thankful for the information and solution provided and I would like to forward this “thank you” to René and Detlev, great work guys.


BlackBerry Work Drives – improved

As I had written a few months back, one of the features I really like on BlackBerry 10 devices are the BlackBerry Work Drives. I think it is an underrated feature which helped me more than once when I needed to move or transfer data between the device and my computer or network drive at work. Yes, you still need to use a BES and it only works in the Work space of the device but I’m more than OK with that. It’s not an app I use every day but sometimes, when for whatever reason email or storing in the cloud are not an option or possible, it’s an easy way to get to the data.

A few days ago I needed a file I knew I had downloaded on my laptop at work but couldn’t remember the site I got it from. So I fired up Blackberry Work Drives, connected to my Download folder and grabbed the document from there. While accessing the app I also got notified about an update being available. Besides some design changes and bug fixing, i.e. folders with “Umlaute” are now supported, the main improvements are:

  • Easy authentication with integration in BlackBerry 10 Credential Manager
  • Easier access for users now with remote drive mapping by BES administrator
  • Support for Microsoft SharePoint

What it didn’t say though was that you need BES 10.2.3 to have the remote drive mapping. Luckily it is available since yesterday as well.
Apparently the SharePoint integration does not work that well, or at all, but I have no SP site to test so I can’t comment on that.