Palm recently made a blog post announcing the release of WebOS 1.0.4 which addresses a security vulnerability. Apparently the PreDevWiki showed that a link the Palm Pre email would allow the phone to install packages to the device. The update patches this up and it is no longer possible.

This is good news for unsuspecting Pre users who happen across a bad link in email, but WebOS developers were using this as an exploit to install unsigned packages. Now homemade applications cannot be installed, and many of those unsigned applications that were already installed are no longer working.

The announcement was made by Palm’s Chief Security Architect Brad Hernacki who also mentioned they, “try to stay on top of the forums and sites”… I wonder if they’re reading this?

[Via Palm, InformationWeek]