[technology taskforce] ICANN blog : ICANN suspends use of Adobe Connect at. ICANN61 due to security issue
Dev Anand Teelucksingh
devtee at gmail.com
Wed Mar 14 10:52:00 UTC 2018
From
https://www.icann.org/news/blog/issues-with-adobe-connect-at-icann61
“....*"Yesterday we were notified by a member of
the Security and Stability Advisory Committee of what appears to be a
potentially serious security issue affecting our use of Adobe Connect.*
*In order to protect the members of the multistakeholder community, and out
of an abundance of caution, we have suspended our Adobe Connect services.
This means that Adobe Connect services will not be available for the rest
of ICANN61.”*
Livestream and streaming audio will be available.
The security issue regarding Adobe Connect is likely the one posted by
Adobe on “patch Tuesday”
https://helpx.adobe.com/security/products/connect/apsb18-06.html
“Adobe has released a security update for Adobe Connect. This update
resolves an unrestricted SWF file upload vulnerability (CVE-2018-4921),
which could be exploited to conduct cross-site scripting attacks. This
update also resolves an OS command injection vulnerability in the Adobe
Connect URI handler on Windows (CVE-2018-4923) that could result in
unintended arbitrary local file removal or forced uninstall of the
application. ”
Dev Anand
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mm.icann.org/pipermail/ttf/attachments/20180314/e042d266/attachment.html>
More information about the ttf
mailing list