Cert warns of Adobe and Google security flaws


Cert warns of Adobe and Google security flaws

Antony Savvas

The US Computer Emergency Response Team has warned of security flaws in both Adobe imaging software and Google search appliances.

Cert said it was aware of a report of multiple vulnerabilities that affect the ActiveX control for Adobe Reader and Acrobat.

Cert said the problem relates to the Adobe Acrobat AcroPDF ActiveX control failing to properly handle malformed input.

At the moment, said Cert, there is no patch to protect users from the problem. Therefore, users can only mitigate the risk by disabling ActiveX controls in their web browsers.

Adobe has also now issued a workaround to the problem on its website.

Cert also reported that Google Search Appliances and Mini Devices are vulnerable to cross-site scripting attacks.

The flaw exists in the way that Google Search Appliance and Google Mini devices handle UTF-7 (Unicode Transformation Format) encoded URIs (Uniform Resource Identifier).

Again, no patch is available for the problem at the moment, so Cert recommended that users disable active scripting in their browsers as a workaround.


Comment on this article: computer.weekly@rbi.co.uk

Email Alerts

Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

COMMENTS powered by Disqus  //  Commenting policy