Archived Content
In an effort to keep CISA.gov current, the archive contains outdated information that may not reflect current policy or programs.Adobe Releases Security Advisory for Adobe Reader and Acrobat
Adobe has released a Security Advisory for Adobe Reader and Acrobat to address a vulnerability affecting the following software versions:
- Adobe Reader X (10.1.1) and earlier versions for Windows and Macintosh
- Adobe Reader 9.4.6 and earlier 9.x versions for Windows, Macintosh, and Unix
- Adobe Acrobat X (10.1.1) and earlier 10.x versions for Windows and Macintosh
- Adobe Acrobat 9.4.6 and earlier 9.x versions for Windows, Macintosh
Exploitation of this vulnerability may allow an attacker to cause a denial-of-service condition or take control of the affected system. Adobe also states that using Adobe Reader X Protected Mode and Adobe Acrobat X Protected View would prevent an exploit of this vulnerability. Adobe has indicated in their advisory that this vulnerability is being exploited in the wild.
UPDATE: Adobe has released an update to address these vulnerability in Adobe Security Bulletin APSB11-30 for the following software.
- Adobe Acrobat 9.4.6 and earlier 9.x versions for Windows
- Adobe Reader 9.4.6 and earlier 9.x versions for Windows
US-CERT encourages users and administrators to review Adobe Security Bulletin ASPA11-04 and APSB11-30 for additional information. More information regarding this vulnerability can be found on the US-CERT vulnerability note VU#759307.
US-CERT will provide additional information as it becomes available.
This product is provided subject to this Notification and this Privacy & Use policy.