Friday, December 16, 2011

Critical Security Update for Adobe Reader/Acrobat



Adobe released a critical security update addressing vulnerabilities being actively exploited in limited, targeted attacks in the wild against Adobe Reader 9.x on Windows.

The vulnerability relates to memory corruption vulnerabilities which could cause a crash and potentially allow an attacker to take control of the affected system.

Acrobat and Reader users can update to the latest version using the built-in updater, by clicking “Help” and then “Check for Updates.” The Adobe Reader update for Windows is available from http://www.adobe.com/products/reader/

Adobe plans on updating all other versions as part of the next quarterly update scheduled for January 10, 2011.  According to Adobe, Adobe Reader X Protected Mode and Adobe Acrobat X Protected View would prevent an exploit of this kind from executing.

Release Details

  • Release date: December 16, 2011
  • Vulnerability identifier: APSB11-30
  • CVE number: CVE-2011-2462, CVE-2011-4369
  • Platform: Windows

Alternatives

Several years ago, I tired of Adobe Reader and switched to Sumatra PDF, an alternate PDF reader.  After I got past the bright yellow GUI, I found Sumatra PDF to be a nice, light-weight option with no unnecessary add-ons or toolbars.  There are a number of open source readers available from http://pdfreaders.org/.

    References





    Remember - "A day without laughter is a day wasted."
    May the wind sing to you and the sun rise in your heart...


    No comments:

    Post a Comment

    Neither spam nor comments containing vulgarities will be approved.