CERT mailing list archives

Current Activity - Adobe Releases Security Advisory for Adobe Reader and Acrobat

From: Current Activity <us-cert () us-cert gov>
Date: Fri, 16 Dec 2011 16:53:20 -0500

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

US-CERT Current Activity

Adobe Releases Security Advisory for Adobe Reader and Acrobat

Original release date: December 8, 2011 at 9:29 am
Last revised: December 16, 2011 at 2:15 pm


Adobe has released a Security Advisory for Adobe Reader and Acrobat to
address a vulnerability affecting the following software versions:
  * Adobe Reader X (10.1.1) and earlier versions for Windows and
    Macintosh
  * Adobe Reader 9.4.6 and earlier 9.x versions for Windows,
    Macintosh, and Unix
  * Adobe Acrobat X (10.1.1) and earlier 10.x versions for Windows and
    Macintosh
  * Adobe Acrobat 9.4.6 and earlier 9.x versions for Windows,
    Macintosh

Exploitation of this vulnerability may allow an attacker to cause a
denial-of-service condition or take control of the affected system.
Adobe also states that using Adobe Reader X Protected Mode and Adobe
Acrobat X Protected View would prevent an exploit of this
vulnerability. Adobe has indicated in their advisory that this
vulnerability is being exploited in the wild.

UPDATE: Adobe has released an update to address these vulnerability in
Adobe Security Bulletin APSB11-30 for the following software.

  * Adobe Acrobat 9.4.6 and earlier 9.x versions for Windows
  * Adobe Reader 9.4.6 and earlier 9.x versions for Windows

US-CERT encourages users and administrators to review Adobe Security
Bulletin ASPA11-04 and APSB11-30 for additional information. More
information regarding this vulnerability can be found on the US-CERT
vulnerability note VU#759307.

US-CERT will provide additional information as it becomes available.

Relevant Url(s):
<http://www.adobe.com/support/security/bulletins/apsb11-30.html>

<http://www.kb.cert.org/vuls/id/759307>

<http://www.adobe.com/support/security/advisories/apsa11-04.html>

====
This entry is available at
http://www.us-cert.gov/current/index.html#adobe_releases_updates_for_adobe1

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)

iQEVAwUBTuu9xT/GkGVXE7GMAQLghQf+J2+QrDc8h09n9JNsNj7/sm70+lHK6cxq
VjYf9/M5lpXLcG60fyG9lyUoSxi9b+C97noKqjaiF28J0eNGVtyqmOero4LxE8Cb
pDl/ilYtB5VbXVFs633zMoGTB0fW6rFh/Tn5aKqPvGSLezboERs3kmbjgOgokG+O
LVGglqv8sihxC64yeViI3YBpnxDmSlUBxFvUL+MuD7DhcO5wC/y/VYX3MhAYQ0CA
3jFuM4QLVh3Do7LrP19pwg8XduWabKJiWQiX6mjyxvfIELZQpph8ddMnBe7LWLjA
YeWX0toPeQ9WAwK+LujWaD7KmqQF09KO566LON+uDpdg0TixTaTfVA==
=fXbm
-----END PGP SIGNATURE-----

Current thread:

Current Activity - Adobe Releases Security Advisory for Adobe Reader and Acrobat Current Activity (Sep 13)
- <Possible follow-ups>
- Current Activity - Adobe Releases Security Advisory for Adobe Reader and Acrobat Current Activity (Dec 16)