Adobe released an out-of-cycle security update to address the critical security issues in Adobe Reader and Adobe Acrobat. In addition to addressing CVE-2010-3654 noted in Security Advisory APSA10-05 and CVE-2010-4091 referenced in the Adobe PSIRT blog ("Potential issue in Adobe Reader"), these updates also incorporate the Adobe Flash Player update as noted in Security Bulletin APSB10-26.
Release date: November 16, 2010
Vulnerability identifier: APSB10-28
CVE numbers: CVE-2010-3654, CVE-2010-4091
Platform: All Platforms
Edit Note: I have been advised by my friend Randy that the Adobe Reader update re-introduces "Reader_SL.exe". It is located in \%Program Files%\Adobe\Reader\ and is not required. See the SystemLookUp description.
Acrobat and Reader users can update to the latest version, v. 9.4.1 using the built-in updater, by clicking “Help” and then “Check for Updates.” The Adobe Reader update for Windows is available from here. As usual, the caution to UNCHECK the box shown below. Neither the scan nor any offered toolbar are needed for the update!
Free Google Toolbar (optional)
Search Google from any web page, block pop-ups
The next quarterly security update for Adobe Reader and Acrobat is scheduled for February 8, 2011.
- Adobe Product Security Incident Response Team (PSIRT) Blog: Security updates released for Adobe Reader and Acrobat (APSB10-28)
- Security Bulletin (APSB10-28)
Clubhouse Tags: Clubhouse, Windows, Security, Updates, Vulnerabilities, Information,