Adobe Reader/Acrobat Critical Update ~ Security Garden

Adobe Product Security Incident Response Team (PSIRT) announced an update to Adobe Reader and Acrobat affecting a critical vulnerability in Adobe Reader and Adobe Acrobat 9.2, including all earlier versions. As this vulnerability is being actively exploited in the wild, update is strongly advised.

For home use, you may wish to replace Adobe Reader with an alternate PDF reader. Other options are available at http://pdfreaders.org/.

Adobe Security Bulletin

Security updates available for Adobe Reader and Adobe Acrobat

Release date: January 12, 2010

Vulnerability identifier: APSB10-02

CVE numbers: CVE-2009-3953, CVE-2009-3954, CVE-2009-3955, CVE-2009-3956, CVE-2009-3957, CVE-2009-3958, CVE-2009-3959, CVE-2009-4324

Critical vulnerabilities have been identified in Adobe Reader 9.2 and Acrobat 9.2 for Windows, Macintosh and UNIX, and Adobe Reader 8.1.7 and Acrobat 8.1.7 for Windows and Macintosh. These vulnerabilities could cause the application to crash and could potentially allow an attacker to take control of the affected system.

References:

Adobe Product Security Incident Response Team (PSIRT): A Few Words on the January 2010 Security Update for Adobe Reader and Acrobat - ASSET
Threatpost: How to mitigate Adobe PDF malware attacks
National Vulnerability Database (NVD): (CVE-2009-4324)
ZDNet.com: Adobe confirms PDF zero-day attacks. Disable JavaScript now

Clubhouse Tags: Clubhouse, Security, Updates, Vulnerabilities, Adobe

Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Tuesday, January 12, 2010

Adobe Reader/Acrobat Critical Update

1 comment: