Cert warns of Adobe and Google security flaws


Cert warns of Adobe and Google security flaws

Antony Savvas

The US Computer Emergency Response Team has warned of security flaws in both Adobe imaging software and Google search appliances.

Cert said it was aware of a report of multiple vulnerabilities that affect the ActiveX control for Adobe Reader and Acrobat.

Cert said the problem relates to the Adobe Acrobat AcroPDF ActiveX control failing to properly handle malformed input.

At the moment, said Cert, there is no patch to protect users from the problem. Therefore, users can only mitigate the risk by disabling ActiveX controls in their web browsers.

Adobe has also now issued a workaround to the problem on its website.

Cert also reported that Google Search Appliances and Mini Devices are vulnerable to cross-site scripting attacks.

The flaw exists in the way that Google Search Appliance and Google Mini devices handle UTF-7 (Unicode Transformation Format) encoded URIs (Uniform Resource Identifier).

Again, no patch is available for the problem at the moment, so Cert recommended that users disable active scripting in their browsers as a workaround.


Comment on this article: computer.weekly@rbi.co.uk

Email Alerts

Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
By submitting your personal information, you agree to receive emails regarding relevant products and special offers from TechTarget and its partners. You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

COMMENTS powered by Disqus  //  Commenting policy