If you use these Adobe softwares, you are under high risk, Indian government warns
According to CERT-In, a wide array of Adobe's creative, productivity, and e-commerce software is vulnerable. Affected versions include:
Adobe InCopy (up to versions 20.3 and 19.5.4)
Adobe Experience Manager (AEM) (up to 6.5.23 and CS 2025.5)
Adobe Commerce & Commerce B2B (versions before 2.4.8)
Magento Open Source (before 2.4.8)
Adobe InDesign (up to ID20.3 and ID19.5.4)
Adobe Substance 3D Sampler (up to 5.0.3)
Adobe Acrobat and Reader (Windows and Mac prior to builds 25.001.20531 and 25.001.20529)
Acrobat 2024 and 2020 (prior to 24.001.30254 and 20.005.30744)
Adobe Substance 3D Painter (before 11.0.2) What's at Risk?
The identified vulnerabilities could enable cyber attackers to perform a range of malicious actions. These include bypassing security restrictions, executing arbitrary code, conducting cross-site scripting (XSS) attacks, gaining elevated privileges, and even accessing sensitive user data. In certain cases, they may cause denial-of-service (DoS) disruptions.
These risks are primarily due to issues like memory corruption, improper input validation, and insecure handling of user data—making the vulnerabilities particularly dangerous in enterprise environments.
Mobile Finder: Nothing Phone 3 launched in India Who Should Be Concerned?
The advisory is directed at system administrators, IT security professionals, and end-users of Adobe's affected software. Organisations that depend heavily on Adobe for creative production, document workflows, or online commerce should treat this alert as urgent. Recommended Actions
CERT-In urges users and IT teams to take the following steps to protect their systems:
Install all latest security patches released by Adobe
Monitor network activity for unusual or unauthorised behaviour
Avoid opening suspicious files or clicking unfamiliar links
Keep antivirus and endpoint protection updated
Use application allowlisting to restrict unapproved software execution
Users can access updates and more detailed advisories through the Cyber Swachhta Kendra and Adobe's official website.
Hashtags
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
India.com
17 hours ago
- India.com
EPFO Website Down? How To Check PF Balance Via SMS, WhatsApp Or Missed Call In Seconds; Know Withdrawal Eligibility And Rules
photoDetails english 2926945 Updated:Jul 05, 2025, 11:04 AM IST Provident Fund (PF) 1 / 9 The Provident Fund (PF) is built through monthly contributions from both the employee and the employer. Being a government-backed long-term savings scheme, it earns annual interest that compounds over time into a significant corpus. It also acts as a financial safety net during emergencies like illness or job loss. PF Balance Check: No Need for Website or App 2 / 9 You no longer need to open the EPFO website or download any app to check your PF balance. These alternate methods are simple, quick, and completely free, making them ideal during server downtime. PF Balance Check: SMS Service 3 / 9 To check your PF balance via SMS, send a message in the format 'EPFOHO UAN HIN' from your registered mobile number to 7738299899. Here, 'UAN' is your Universal Account Number, and 'HIN' indicates the language. The SMS service supports over 10 Indian languages including Hindi, English, Punjabi, Gujarati, Marathi, Tamil, Telugu, Kannada, Malayalam, and Bengali. Choose your preferred language by changing the last three letters in the SMS code. PF Balance Check: Missed Call Service 4 / 9 Dial a missed call to 9966044425 from your registered mobile number. This is the simplest way to know your PF balance instantly. Make sure your UAN is activated and linked to your phone number. PF Balance Check: Instant SMS Reply 5 / 9 After giving the missed call, your call will disconnect automatically, and within seconds, you'll receive an SMS with your current PF balance and account details—no need for internet or manual inputs. PF Balance Check: WhatsApp Service 6 / 9 You can now check your PF balance via WhatsApp. Save your regional EPFO office's WhatsApp number and send a message like 'Hi' or 'PF Balance.' You'll receive your balance details through a chatbot response. To get the correct WhatsApp number for your regional EPFO office, visit: Choose your location and save the number to start checking via WhatsApp. PF Withdrawal Eligibility 7 / 9 To access EPFO services like SMS, missed call, or WhatsApp for checking PF balance, certain prerequisites must be met. First, your Universal Account Number (UAN) must be activated. Adding further, the mobile number linked to your UAN should be active and in working condition, as all notifications and balance details are sent to this number. It's also essential to link your UAN with KYC documents such as your Aadhaar, PAN card, bank account number, and IFSC code. These steps ensure seamless access to your PF account and enable hassle-free verification across all platforms. PF Withdrawal Limits and Rules 8 / 9 Employed members are allowed to withdraw up to 90% of their PF contributions, but the exact withdrawal limit depends on the reason for withdrawal and the number of years of service completed. For instance, partial withdrawals are permitted for specific purposes such as constructing a house, covering expenses during a medical emergency, or meeting costs related to education or marriage. Each of these situations has its own eligibility criteria and service duration requirements. Important Reminder 9 / 9 Ensure your mobile number is registered with EPFO and your UAN is activated. Without this, SMS, missed call, or WhatsApp services won't work. Contact your company's HR department for help with activation or registration.
Hindustan Times
a day ago
- Hindustan Times
Bluetooth audio devices from top brands can be spied on, warns CERT-In
India's cybersecurity agency, the Indian Computer Emergency Response Team (CERT-In), has issued a high-severity warning for users of Bluetooth audio devices. The agency said that multiple vulnerabilities have been reported in Airoha Bluetooth firmware.(Pixabay) The agency said that multiple vulnerabilities have been reported in Airoha Bluetooth firmware, which could allow attackers to gain unauthorised access to Bluetooth audio devices such as the Sony WH-1000XM5, JBL Live Buds 3, Bose QuietComfort Earbuds, and Marshall Motif II. 'The vulnerabilities exist in Airoha Systems-on-Chip (SoCs) due to missing authentication in the GATT service and the Bluetooth Basic Rate/Enhanced Data Rate (BR/EDR) component, as well as a flaw in a custom protocol,' CERT-In said in the warning issued on July 2. 'An attacker could exploit these vulnerabilities by establishing connections between mobile devices and audio Bluetooth devices and by delivering commands via the Bluetooth Hands-Free Profile (HFP),' it added. It warned that attackers could potentially eavesdrop or manipulate audio communications and intercept or inject commands on the targeted system. CERT-In said that Airoha has supplied an update containing firmware fixes to all device manufacturers on 4 June 2025. 'Each vendor is expected to release product-specific firmware updates in its next scheduled cycle,' it said. According to a Business Standard report, Airoha is a leading supplier of Bluetooth audio chipsets (SoCs), commonly used in True Wireless Stereo (TWS) earbuds and other audio equipment manufactured by top brands like Sony and JBL. Which devices are affected? German cybersecurity firm Enno Rey Netzwerke GmbH (ERNW) said that 29 audio products across 10 brands are impacted. The brands include Bose, Sony, JBL, Jabra, Marshall, Beyerdynamic, JLab, EarisMax, MoerLabs, and Teufel. The affected devices range from wireless headphones and earbuds to microphones and speakers. Some of the models confirmed vulnerable include Beyerdynamic Amiron 300, Bose QuietComfort Earbuds, EarisMax Bluetooth Auracast Sender, Jabra Elite 8 Active, JBL Endurance Race 2, JBL Live Buds 3, Jlab Epic Air Sport ANC, Marshall ACTON III, Marshall MAJOR V, Marshall MINOR IV, Marshall MOTIF II, Marshall STANMORE III, Marshall WOBURN III, MoerLabs EchoBeatz, Sony CH-720N, Sony Link Buds S, Sony ULT Wear, Sony WF-1000XM3, Sony WF-1000XM4, Sony WF-1000XM5, Sony WF-C500, Sony WF-C510-GFP, Sony WH-1000XM4, Sony WH-1000XM5, Sony WH-1000XM6, Sony WH-CH520, Sony WH-XB910N, Sony WI-C100, Teufel Tatws2.
Hindustan Times
a day ago
- Hindustan Times
Indian Army to train soldiers in drone operation by 2027
The Army Training Command (ARTRAC) on Thursday announced to train all Indian Army soldiers with working of drones by the year 2027. The announcement was made by Lieutenant General Devendra Sharma, General Officer Commanding-in-Chief of ARTRAC, while addressing officers, awardees, and guests at the ARTRAC Investiture Ceremony 2025, held in Shimla on Thursday. Lieutenant General Devendra Sharma, General Officer Commanding-in-Chief of ARTRAC presenting award during ARTRAC Investiture Ceremony 2025, held in Shimla on Thursday. (Source: X) Interacting with the media persons, Lt Gen Sharma said, 'Indian Army's performance in Operation Sindoor had demonstrated remarkable capabilities, especially in the use of drones. Drawing on those insights, ARTRAC has initiated a roadmap that will make drone operation an integral part of every soldier's training.' 'In Operation Sindoor, the Indian Army showcased exceptional capability, particularly through the deployment of drones. Learning from that, we have decided that by 2027, every Indian soldier will be trained in drone operations. Drones will become the 'third arm' of the modern Indian soldier,' he said. Lt Gen Sharma said that ARTRAC had identified 33 niche technologies—including drones, cyber warfare, battlefield artificial intelligence, and electronic warfare systems—for incorporation into army training. To institutionalise these capabilities, 14 centres of expertise have been established across various training institutions. He said that ARTRAC has set a goal for the complete absorption of these technologies by 2030, backed by an investment of ₹390 crore over the next five years in infrastructure, research and development, and simulation-based training systems. 'As part of this initiative, 18,000 personnel have already been trained in 22 new technologies in the training year 2024–25, with a target to train an additional 12,000 personnel in 21 more technologies during 2025–26,' he said. Speaking on gender inclusion, he said that 1,571 women were currently serving in the Indian Army across all ranks, including command positions. ARTRAC, he said, was fully committed to gender neutrality and had integrated gender sensitisation modules into its training curriculum. During the event, establishments and individuals were awarded for their outstanding performances for the Training Year 2023-24. Three category 'A' Establishments and two affiliated units to Category 'A' Establishments were awarded the prestigious 'GOC-in-C Army Training Command Unit Citation' for their outstanding performance and making exceptional contributions to enhancing the training ethos and standards of the Indian Army in 2023-24 on occasion. Financial excellence awards were conferred upon three training establishments, namely Military College of Material Management , Jabalpur, Counter Insurgency Jungle Warfare School , Variengate and Military College of Electronics and Mechanical Engineering , Secunderabad, for setting high standards in financial management. Additionally, two training establishments, Armoured Corps Centre & School , Ahilyanagar, and Military College of Material Management MCMM, Jabalpur, were awarded e-Office Excellence Awards for promoting e-office software usage, which reduces paper usage of paper.
