The US Computer Emergency Response Team has warned of security flaws in both Adobe imaging software and Google...
Cert said it was aware of a report of multiple vulnerabilities that affect the ActiveX control for Adobe Reader and Acrobat.
Cert said the problem relates to the Adobe Acrobat AcroPDF ActiveX control failing to properly handle malformed input.
At the moment, said Cert, there is no patch to protect users from the problem. Therefore, users can only mitigate the risk by disabling ActiveX controls in their web browsers.
Adobe has also now issued a workaround to the problem on its website.
Cert also reported that Google Search Appliances and Mini Devices are vulnerable to cross-site scripting attacks.
The flaw exists in the way that Google Search Appliance and Google Mini devices handle UTF-7 (Unicode Transformation Format) encoded URIs (Uniform Resource Identifier).
Again, no patch is available for the problem at the moment, so Cert recommended that users disable active scripting in their browsers as a workaround.
Comment on this article: firstname.lastname@example.org