Adobe has released security updates for Adobe Reader and Acrobat XI (11.0.04) for Windows. These updates address a regression that occurred in version 11.0.04 affecting Javascript security controls.
Adobe Reader and Acrobat X (10.1.8) and earlier versions for Windows are not affected, and all versions of Adobe Reader and Acrobat for Macintosh are also not affected by this vulnerability.
Release date: October 8, 2013
Vulnerability identifier: APSB13-25
CVE number: CVE-2013-5325
Platform: Windows
Update or Complete Download
Update checks can be manually activated by choosing Help > Check for Updates.- Adobe Reader XI (11.0.05) for Windows is available here: http://www.adobe.com/support/downloads/product.jsp?product=10&platform=Windows.
Enable "Protected View"
Due to frequent vulnerabilities, it is recommended that Windows users of Adobe Reader and Acrobat ensure that Protected View is enabled. Neither the Protected Mode or Protected View option is available for Macintosh users.To enable this setting, do the following:
- Click Edit > Preferences > Security (Enhanced) menu.
- Change the "Off" setting to "All Files".
- Ensure the "Enable Enhanced Security" box is checked.
 |
| Image via Sophos Naked Security Blog |
References
Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...
No comments:
Post a Comment