34.1 C
Delhi

Do you Use Adobe Products? Then you might be at a Risk of Cyber-Attack

The Indian Computer Emergency Response Team (CERT-In) issued a warning on Thursday about multiple vulnerabilities in Adobe products that could allow hackers to get access to computers.

InDesign (together with prior versions for Windows and macOS), InCopy, Illustrator, Bridge, and Animate were also affected (and earlier versions for Windows and macOS).

“Multiple vulnerabilities have been reported in Adobe products which could allow an attacker to gain elevated privileges, execute arbitrary code, write arbitrary files on the file system and cause a memory leak on the targeted system,” said CERT-In which comes under the Ministry of Electronics and Information Technology (MeitY).

According to the national cyber-security agency, Adobe products contain these flaws “improper Input Validation, improper authorisation, heap-based buffer overflow, out-of-bounds write, out-of-bounds read and use after free flaws”.

- Advertisement -TechnoSports-Ad

According to CERT-In, users should update their software as part of the Adobe security fixes.

Adobe
credit: Source

An attacker could exploit these loopholes, according to the recommendation, by enticing a victim to open a specially prepared file or application. If these vulnerabilities are successfully exploited, an attacker might gain elevated privileges, execute arbitrary code, write arbitrary files to the file system, and create a memory leak on the targeted machine.

The cyber-security agency also discovered other vulnerabilities in Citrix Application Delivery Management (ADM) solutions, which might allow a remote attacker to bypass protection and cause denial of service conditions on the targeted systems.

“This vulnerability exists in Citrix ADM due to improper access control. A remote attacker could exploit this vulnerability by sending a specially-crafted request to corrupt the system and reset the administrator password at the next device reboot,” according to CERT-In.

- Advertisement -TechnoSports-Ad

If this vulnerability is effectively exploited, a remote attacker could bypass security and create erroneous access control on an affected device, according to the authorities.

Also Read:

TCS, Infosys, Wipro and other Indian IT firms continue their Low Market Trend

source

LEAVE A REPLY

Please enter your comment!
Please enter your name here

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Nivedita Bangari
Nivedita Bangari
I am a software engineer by profession and technology is my love, learning and playing with new technologies is my passion.
TechnoSports-Ad

Popular

TechnoSports-Ad

Related Stories

More from author

The best apps for translating from English to Hindi in 2024 (March 29)

More than 500 million people worldwide speak Hindi, making it the third most widely used language. However, English is the most commonly used language...

The Best Spotify Alternatives in 2024 that You Must Know

Best Spotify Alternatives in 2024: The well-known music streaming service Spotify has completely changed how we listen to and appreciate music. Spotify satisfies the...

Full Form of MLC: Roles and Responsibilities of an MLC (March 29)

Full Form of MLC: MLC stands for "Member of the Legislative Council," whereas Vidhan Parishad is another name for any state's legislative body. The...

Full Form of Computer in 2024: Everything about one of Man’s greatest invention (March 25)

Full Form of Computer: A computer is an electronic device that can process information, store data, retrieve data, and execute arithmetic and logical operations....