Adobe has released security updates for Adobe Reader and Acrobat XI for Windows and Macintosh. These updates address critical vulnerabilities including code execution, heap buffer overflow, memory corruption, integer overflow, memory corruption and, finally, vulnerabilities in the directory search path used to find resources that could lead to code execution.
Release date: April 11, 2017
Vulnerability identifier: APSB17-11
CVE Numbers: CVE-2017-3011, CVE-2017-3012, CVE-2017-3013, CVE-2017-3014, CVE-2017-3015, CVE-2017-3017, CVE-2017-3018, CVE-2017-3019, CVE-2017-3020, CVE-2017-3021, CVE-2017-3022, CVE-2017-3023, CVE-2017-3024, CVE-2017-3025, CVE-2017-3026, CVE-2017-3027, CVE-2017-3028, CVE-2017-3029, CVE-2017-3030, CVE-2017-3031, CVE-2017-3032, CVE-2017-3033, CVE-2017-3034, CVE-2017-3035, CVE-2017-3036, CVE-2017-3037, CVE-2017-3038, CVE-2017-3039, CVE-2017-3040, CVE-2017-3041, CVE-2017-3042, CVE-2017-3043, CVE-2017-3044, CVE-2017-3045, CVE-2017-3046, CVE-2017-3047, CVE-2017-3048, CVE-2017-3049, CVE-2017-3050, CVE-2017-3051, CVE-2017-3052, CVE-2017-3053, CVE-2017-3054, CVE-2017-3055, CVE-2017-3056, CVE-2017-3057, CVE-2017-3065
Platform: Windows and Macintosh
Update or Complete DownloadUpdate checks can be manually activated by choosing Help > Check for Updates.
- Adobe Reader XI (11.0.20, Pro and Standard) for Windows is available here: http://supportdownloads.adobe.com/detail.jsp?ftpID=6155.
- Reader DC and other versions are available here: https://www.adobe.com/support/downloads/product.jsp?product=10&platform=Windows
- Acrobat for Windows is available here: http://www.adobe.com/support/downloads/product.jsp?product=1&platform=Windows
Enable "Protected View"Due to frequent vulnerabilities, it is recommended that Windows users of Adobe Reader and Acrobat ensure that Protected View is enabled. Neither the Protected Mode or Protected View option is available for Macintosh users.
To enable this setting, do the following:
- Click Edit > Preferences > Security (Enhanced) menu.
- Change the "Off" setting to "All Files".
- Ensure the "Enable Enhanced Security" box is checked.
|Image via Sophos Naked Security Blog|
Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...