Critical vulnerabilities have been identified in Adobe Reader and Acrobat 7.0 through 7.0.8 that could — although Adobe is not aware of any specific code exploits at this time — allow an attacker who successfully exploits these vulnerabilities to take control of the affected system. A malicious file must be loaded by the end user for an attacker to exploit these vulnerabilities. It is recommended that users update to Adobe Reader 8 or apply the workaround provided below.
Affected software versions
Adobe Reader 7.0 through 7.0.8 and Adobe Acrobat Standard and Professional 7.0 through 7.0.8 on the Windows platform when using Internet Explorer. Users of other browsers are not affected.
Solution
Adobe Reader 7.0 through 7.0.8 users should upgrade to Reader 8.
Adobe Reader 7.0 through 7.0.8 users who cannot upgrade to Reader 8, as well as Adobe Acrobat 7.0 through 7.0.8 users, should follow the directions below to update their installations:
1. Exit Internet Explorer, Adobe Reader, and Adobe Acrobat, if necessary.
2. Browse to
Note: If you did not install Acrobat to the default location, browse to the location of your Acrobat 7.0 folder.
4. Download the AcroPDF.dll file provided here.
5. Copy the new AcroPDF.dll file in to the ActiveX directory.
Severity rating
Adobe categorizes this as a critical issue and recommends affected users uninstall any affected software.
Download: Adobe Reader 8
- Note: Adobe Photoshop® Album Starter Edition is pre-checked at the download page. UNcheck that option if you do not want it included in the update.
No comments:
Post a Comment