DOWNLOAD: Best tool to repair Windows problems & optimize system performance | Best driver update software for your PC
 
Page 1 of 2 12 LastLast
Results 1 to 10 of 12

Thread: Critical Vulnerability in Adobe Reader

  1. #1
    Corrine's Avatar
    Corrine is offline Gold Member
    Join Date
    Jan 2009
    Location
    Upstate NY
    Posts
    961

    Exclamation Critical Vulnerability in Adobe Reader

    Adobe Security Bulletin APSA09-01 has been released:

    "Buffer overflow issue in versions 9.0 and earlier of Adobe Reader and Acrobat

    Release date: February 19, 2009

    Vulnerability identifier: APSA09-01

    Bid number: 33751

    Platform: All platforms

    A critical vulnerability has been identified in Adobe Reader 9 and Acrobat 9 and earlier versions. This vulnerability would cause the application to crash and could potentially allow an attacker to take control of the affected system. There are reports that this issue is being exploited.

    Adobe is planning to release updates to Adobe Reader and Acrobat to resolve the relevant security issue. Adobe expects to make available an update for Adobe Reader 9 and Acrobat 9 by March 11th, 2009. Updates for Adobe Reader 8 and Acrobat 8 will follow soon after, with Adobe Reader 7 and Acrobat 7 updates to follow."
    From US-CERT:
    US-CERT encourages users to take the following actions to help mitigate the risks:

    * Review Adobe Security Bulletin APSA09-01.
    * Review US-CERT Vulnerability Note VU#905281.
    * Review US-CERT Technical Cyber Security Alert TA09-051A.
    * Disable JavaScript in Adobe Reader and Acrobat. Acrobat JavaScript can be disabled in the General preferences dialog (Edit, Preferences, JavaScript, and un-check "Enable Acrobat JavaScript").
    * Prevent Internet Explorer from automatically opening PDF documents.
    * Disable the displaying of PDF documents in the web browser. This can be disabled in the the General preferences dialog (Edit, Preferences, Internet, and un-check "Display PDF in browser").
    * Use caution when opening untrusted PDF files.
    * Install antivirus software, and keep virus signatures up to date.

    US-CERT will provide additional information as it becomes available.
    If you’re a WinPatrol user, click on the ActiveX tab and sort by company name to find your Adobe components. Select the Acrobat reader and click on Disable.


  2. #2
    HappyAndyK's Avatar
    HappyAndyK is offline Site Administrator
    Join Date
    Jun 2008
    Posts
    7,572

    Default

    Thanks for the update Corrine.

    It can been ^seen that readers would have to wait till March 11th, 2009 to get the updates.

    BTW... been using freeware foxit pdf reader for a few years now...

  3. #3
    tweakwindows's Avatar
    tweakwindows is offline Microsoft MVP
    Join Date
    Jul 2008
    Location
    intowindows.com
    Posts
    1,285

    Default

    Thanks for the info. Will switch to Foxit Reader for few days..

  4. #4
    leofelix is offline Member
    Join Date
    Oct 2008
    Location
    Italy
    Posts
    1,668

    Default

    Many thanks Corrine,
    Happy to be a Winpatrol user
    Last edited by leofelix; 21st February 2009 at 08:07.

  5. #5
    ravi_9793's Avatar
    ravi_9793 is offline Senior Member
    Join Date
    Jul 2008
    Location
    www.techHunt.org
    Posts
    187

    Default

    Thanks for head up, I am a foxfit reader user

  6. #6
    HappyAndyK's Avatar
    HappyAndyK is offline Site Administrator
    Join Date
    Jun 2008
    Posts
    7,572

    Default

    Oh, forgot to mention... if you are not a WinPatrol user, you can disable it through IE > Manage Addons.

  7. #7
    leofelix is offline Member
    Join Date
    Oct 2008
    Location
    Italy
    Posts
    1,668

    Default Unofficial patch released

    An unofficial patch for Adobe Reader 9.0 has been released,

    if you're interested please read here

    VRT: Homebrew patch for Adobe AcroReader 9

  8. #8
    Pwrgrid's Avatar
    Pwrgrid is offline New Member
    Join Date
    Feb 2009
    Location
    Lancaster, SC
    Posts
    9

    Default Foxit Reader now including ask toolbar

    Goodness, as though the Adobe Reader vulnerability was not bad enough, now the Foxit Reader has to add the Ask.com toolbar to their program. And if you uncheck the box to not install the Ask toolbar, the program informs you that the reader programs will not work, can we all say Cripple ware. Boy, when it rains, it sure pours at times, lol.

    Have a great day.
    John

  9. #9
    seti is offline Member
    Join Date
    Nov 2008
    Posts
    1,923

    Default

    Quote Originally Posted by Pwrgrid View Post
    Goodness, as though the Adobe Reader vulnerability was not bad enough, now the Foxit Reader has to add the Ask.com toolbar to their program. And if you uncheck the box to not install the Ask toolbar, the program informs you that the reader programs will not work, can we all say Cripple ware. Boy, when it rains, it sure pours at times, lol.

    Have a great day.
    John
    This was posted elsewhere by me with a full explaination, and if you want a good alternative without add ins check out the other posts for the link becaue I can not remember it but it is PDF Exchange viewer. But thanks the post

  10. #10
    Corrine's Avatar
    Corrine is offline Gold Member
    Join Date
    Jan 2009
    Location
    Upstate NY
    Posts
    961

    Default

    Finally updated!

    Security Updates available for Adobe Reader and Acrobat

    Release date: March 18, 2009
    Vulnerability identifier: APSB09-04
    CVE number: CVE-2009-0658, CVE-2009-0927
    Platform: Windows and Macintosh

    Summary

    Critical vulnerabilities have been identified in Adobe Reader 9 and Acrobat 9 and earlier versions. These vulnerabilities would cause the application to crash and could potentially allow an attacker to take control of the affected system. There are reports that one of these issues is being exploited (CVE-2009-0658).

    Adobe recommends users of Adobe Reader and Acrobat 9 update to Adobe Reader 9.1 and Acrobat 9.1. Adobe recommends users of Acrobat 8 update to Acrobat 8.1.4, and users of Acrobat 7 update to Acrobat 7.1.1. For Adobe Reader users who can’t update to Adobe Reader 9.1, Adobe has provided the Adobe Reader 8.1.4 and Adobe Reader 7.1.1 updates.

    These updates resolve the issue from Security Advisory APSA09-01 and Security Bulletin APSB09-03. Users who have previously updated to Adobe Reader 9.1 and Acrobat 9.1 for Windows and Macintosh need not take any action. Adobe now plans to make available Adobe Reader 9.1 and Adobe Reader 8.1.4 for Unix by March 24.

    Update to Adobe Reader 9.1, available here: Adobe - Adobe Reader download - All versions

Page 1 of 2 12 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22