Adobe Releases Security Patch for Acrobat, Reader
Late last month security researchers uncovered two new security holes affecting Adobe Acrobat and Adobe Reader; the vulnerabilities, which affected all currently supported shipping versions of Adobe Acrobat and Adobe Reader, were acknowledged by the software developer, who said a patch is forthcoming. True to its word, Adobe has now released a security patch that is meant to fix the 0-day security holes that plagued its products.
“A critical vulnerability has been identified in Adobe Reader 9.1 and Acrobat 9.1 and earlier versions. This vulnerability (CVE-2009-1492) would cause the application to crash and could potentially allow an attacker to take control of the affected system. A second vulnerability has also been reported that appears to affect Adobe Reader for UNIX only (CVE-2009-1493). Adobe recommends users of Adobe Reader 9.1 and Acrobat 9.1 and earlier versions update to Adobe Reader 9.1.1 and Acrobat 9.1.1,” explained Adobe.
You are very well advised to update Adobe Acrobat or Adobe Reader, assuming that this latest vulnerability discovery did not get you to switch to alternate PDF readers and you are still actively using Adobe’s software on your system. Keep in mind that the security vulnerability that Adobe Acrobat 9.1.1 and Adobe Reader 9.1.1 fixes is a critical one, meaning that if exploited by a person with malicious intentions, it could allow for native-code to execute without the user being aware of this.
The upside is that according to the Adobe Product Security Incident Response Team (PSIRT), no exploits for these security issues are available in the wild; none that the PSIRT has detected.
If you would like to get Adobe Acrobat Standard, Pro and Pro Extended for Windows, a download location is available here.
If you would like to get Adobe Acrobat 3D for Windows, a download location is available here.
If you would like to get Adobe Acrobat Pro for Mac, a download location is available here.
If you would like to get Adobe Reader for Windows, a download location is available here.
If you would like to get Adobe Reader for Mac, a download location is available here.
If you would like to get Adobe Reader for UNIX, a download location is available here.
“A critical vulnerability has been identified in Adobe Reader 9.1 and Acrobat 9.1 and earlier versions. This vulnerability (CVE-2009-1492) would cause the application to crash and could potentially allow an attacker to take control of the affected system. A second vulnerability has also been reported that appears to affect Adobe Reader for UNIX only (CVE-2009-1493). Adobe recommends users of Adobe Reader 9.1 and Acrobat 9.1 and earlier versions update to Adobe Reader 9.1.1 and Acrobat 9.1.1,” explained Adobe.
You are very well advised to update Adobe Acrobat or Adobe Reader, assuming that this latest vulnerability discovery did not get you to switch to alternate PDF readers and you are still actively using Adobe’s software on your system. Keep in mind that the security vulnerability that Adobe Acrobat 9.1.1 and Adobe Reader 9.1.1 fixes is a critical one, meaning that if exploited by a person with malicious intentions, it could allow for native-code to execute without the user being aware of this.
The upside is that according to the Adobe Product Security Incident Response Team (PSIRT), no exploits for these security issues are available in the wild; none that the PSIRT has detected.
If you would like to get Adobe Acrobat Standard, Pro and Pro Extended for Windows, a download location is available here.
If you would like to get Adobe Acrobat 3D for Windows, a download location is available here.
If you would like to get Adobe Acrobat Pro for Mac, a download location is available here.
If you would like to get Adobe Reader for Windows, a download location is available here.
If you would like to get Adobe Reader for Mac, a download location is available here.
If you would like to get Adobe Reader for UNIX, a download location is available here.
