Adobe Product Security Incident Response Team (PSIRT) announced an update to Adobe Reader and Acrobat affecting a critical vulnerability in Adobe Reader and Adobe Acrobat 9.2, including all earlier versions. As this vulnerability is being actively exploited in the wild, update is strongly advised.
For home use, you may wish to replace Adobe Reader with an alternate PDF reader. Other options are available at http://pdfreaders.org/.Adobe Security Bulletin
Security updates available for Adobe Reader and Adobe Acrobat
Release date: January 12, 2010
Vulnerability identifier: APSB10-02CVE numbers: CVE-2009-3953, CVE-2009-3954, CVE-2009-3955, CVE-2009-3956, CVE-2009-3957, CVE-2009-3958, CVE-2009-3959, CVE-2009-4324
Critical vulnerabilities have been identified in Adobe Reader 9.2 and Acrobat 9.2 for Windows, Macintosh and UNIX, and Adobe Reader 8.1.7 and Acrobat 8.1.7 for Windows and Macintosh. These vulnerabilities could cause the application to crash and could potentially allow an attacker to take control of the affected system.
- Adobe Product Security Incident Response Team (PSIRT): A Few Words on the January 2010 Security Update for Adobe Reader and Acrobat - ASSET
- Threatpost: How to mitigate Adobe PDF malware attacks
- National Vulnerability Database (NVD): (CVE-2009-4324)
Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...