Adobe Product Security Incident Response Team (PSIRT) announced an update to Adobe Reader and Acrobat affecting a critical vulnerability in Adobe Reader and Adobe Acrobat 9.2, including all earlier versions. As this vulnerability is being actively exploited in the wild, update is strongly advised.
For home use, you may wish to replace Adobe Reader with an alternate PDF reader. Other options are available at http://pdfreaders.org/.
Adobe Security BulletinSecurity updates available for Adobe Reader and Adobe Acrobat
Release date: January 12, 2010
Vulnerability identifier: APSB10-02
CVE numbers: CVE-2009-3953, CVE-2009-3954, CVE-2009-3955, CVE-2009-3956, CVE-2009-3957, CVE-2009-3958, CVE-2009-3959, CVE-2009-4324Critical vulnerabilities have been identified in Adobe Reader 9.2 and Acrobat 9.2 for Windows, Macintosh and UNIX, and Adobe Reader 8.1.7 and Acrobat 8.1.7 for Windows and Macintosh. These vulnerabilities could cause the application to crash and could potentially allow an attacker to take control of the affected system.
References:
- Adobe Product Security Incident Response Team (PSIRT): A Few Words on the January 2010 Security Update for Adobe Reader and Acrobat - ASSET
- Threatpost: How to mitigate Adobe PDF malware attacks
- National Vulnerability Database (NVD): (CVE-2009-4324)
- ZDNet.com: Adobe confirms PDF zero-day attacks. Disable JavaScript now
Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...
Cool post you got here. I'd like to read more about that topic. Thank you for giving that information.
ReplyDeleteJoan Stepsen
Girl geeks