Adobe Releases Security Advisory for Adobe Reader and Acrobat

Adobe has released a Security Advisory for Adobe Reader and Acrobat to address a vulnerability affecting the following software versions:

• Adobe Reader X (10.1.1) and earlier versions for Windows and Macintosh
• Adobe Reader 9.4.6 and earlier 9.x versions for Windows, Macintosh, and Unix
• Adobe Acrobat X (10.1.1) and earlier 10.x versions for Windows and Macintosh
• Adobe Acrobat 9.4.6 and earlier 9.x versions for Windows, Macintosh
  

Exploitation of this vulnerability may allow an attacker to cause a denial-of-service condition or take control of the affected system. Adobe also states that using Adobe Reader X Protected Mode and Adobe Acrobat X Protected View would prevent an exploit of this vulnerability. Adobe has indicated in their advisory that this vulnerability is being exploited in the wild.

UPDATE: Adobe has released an update to address these vulnerability in Adobe Security Bulletin APSB11-30 for the following software.

• Adobe Acrobat 9.4.6 and earlier 9.x versions for Windows
• Adobe Reader 9.4.6 and earlier 9.x versions for Windows

US-CERT encourages users and administrators to review Adobe Security Bulletin ASPA11-04 and APSB11-30 for additional information. More information regarding this vulnerability can be found on the US-CERT vulnerability note VU#759307.

US-CERT will provide additional information as it becomes available.