Uncategorized no image

Published on octubre 13th, 2009 | by GAby Menta

0

Security Advisory for Adobe Reader and Acrobat.

Summary

Adobe is planning to release an update for Adobe Reader 9.1.3 and Acrobat 9.1.3, Adobe Reader 8.1.6 and Acrobat 8.1.6 for Windows, Macintosh and UNIX, and Adobe Reader 7.1.3 and Acrobat 7.1.3 for Windows and Macintosh to resolve critical security issues.

Adobe expects to make this update available on October 13, 2009. This update represents the second quarterly security update for Adobe Reader and Acrobat.

Among other issues, this update will resolve a critical vulnerability in Adobe Reader and Acrobat 9.1.3 and earlier (CVE-2009-3459) on Windows, Macintosh and UNIX. There are reports that this issue is being exploited in the wild in limited targeted attacks; the exploit targets Adobe Reader and Acrobat 9.1.3 on Windows.

Adobe Reader and Acrobat 9.1.3 customers with DEP enabled on Windows Vista are protected from this exploit. Disabling JavaScript also mitigates against this specific exploit, although a variant that does not rely on JavaScript could be possible. In the meantime, Adobe is also in contact with Antivirus and Security vendors regarding the issue and recommends users keep their anti-virus definitions up to date.

We wish to thank Chia-Ching Fang and the Information and Communication Security Technology Center for their help with reporting and investigating this issue (CVE-2009-3459).

Users may monitor the latest information on the Adobe Product Security Incident Response Team blog at the following URL: http://blogs.adobe.com/psirt or by subscribing to the RSS feed here: http://blogs.adobe.com/psirt/atom.xml.

(Note: This Security Advisory will be replaced with the final Security Bulletin upon release on October 13, 2009.)

Affected software versions

Adobe Reader 9.1.3 and earlier versions for Windows, Macintosh, and UNIX
Adobe Acrobat 9.1.3 and earlier versions for Windows and Macintosh

Severity rating

Adobe categorizes this as a critical update.

Summary

Adobe is planning to release an update for Adobe Reader 9.1.3 and Acrobat 9.1.3, Adobe Reader 8.1.6 and Acrobat 8.1.6 for Windows, Macintosh and UNIX, and Adobe Reader 7.1.3 and Acrobat 7.1.3 for Windows and Macintosh to resolve critical security issues. Adobe expects to make this update available on October 13, 2009. This update represents the second quarterly security update for Adobe Reader and Acrobat.

Among other issues, this update will resolve a critical vulnerability in Adobe Reader and Acrobat 9.1.3 and earlier (CVE-2009-3459) on Windows, Macintosh and UNIX. There are reports that this issue is being exploited in the wild in limited targeted attacks; the exploit targets Adobe Reader and Acrobat 9.1.3 on Windows. Adobe Reader and Acrobat 9.1.3 customers with DEP enabled on Windows Vista are protected from this exploit. Disabling JavaScript also mitigates against this specific exploit, although a variant that does not rely on JavaScript could be possible. In the meantime, Adobe is also in contact with Antivirus and Security vendors regarding the issue and recommends users keep their anti-virus definitions up to date.

We wish to thank Chia-Ching Fang and the Information and Communication Security Technology Center for their help with reporting and investigating this issue (CVE-2009-3459).

Users may monitor the latest information on the Adobe Product Security Incident Response Team blog at the following URL: http://blogs.adobe.com/psirt or by subscribing to the RSS feed here: http://blogs.adobe.com/psirt/atom.xml.

(Note: This Security Advisory will be replaced with the final Security Bulletin upon release on October 13, 2009.)

Affected software versions

Adobe Reader 9.1.3 and earlier versions for Windows, Macintosh, and UNIX
Adobe Acrobat 9.1.3 and earlier versions for Windows and Macintosh

Severity rating

Adobe categorizes this as a critical update.

Tags: , , , , ,


About the Author

Creador de #Squoosh, Visual-Agency , dedicada a acompañar a sus Clientes en distintos Proyectos Digitales , Consultor Internacional, Technical Evangelist Adobe Systems /. Consultor para Adobe , Macromedia y Apple . Premiado a nivel Nacional e Internacional. Premio al “Mejor Consultor de Latinoamerica” Adobe Systems . Mejor Speaker Argentino . 4to puesto en el Ranking Mundial al “Mejor Orador Hispano Parlante” . Mejor Consultor Senior de la Region. En La actualidad estoy muy Enfocado en Generar Canales de Contenidos Visuales y guianes para Grandes Empresas, Proveedores y Clientes Finales. Mail gabymenta@gmail.com



Deja una respuesta

Tu dirección de correo electrónico no será publicada. Los campos obligatorios están marcados con *

Este sitio usa Akismet para reducir el spam. Aprende cómo se procesan los datos de tus comentarios.

Back to Top ↑