Research In Motion (RIM) has issued an update to address a vulnerability in its BlackBerry Software version 4.5, which could enable an attacker to trick users into connecting to a phishing website. The BlackBerry browser dialog box, which alerts users if a site domain and its associated certificate don't match, does not clearly indicate if the mismatch is due to the presence of null, or hidden, characters. As a result, the user may be duped into connecting to a phishing site, RIM said in its security advisory. — AM