While Adobe Flash Player was updated last week for the critical vulnerabilities in Security Advisory APSA11-02, it was not until today that the update for Adobe Reader and Acrobat was released.
This vulnerability is being exploited in the wild against Adobe Flash Player, Adobe Reader and Acrobat in targeted attacks via a malicious Web page, or a Flash file embedded in a Microsoft Word or Microsoft Excel file delivered as an email attachment, targeting the Windows platform.
Adobe Reader X Protected Mode mitigations would prevent an exploit of this kind from executing and, thus, is not being updated at this time.
Details:
Vulnerability identifier: APSB11-08Acrobat and Reader users can update to the latest version using the built-in updater, by clicking “Help” and then “Check for Updates.”
CVE number: CVE-2011-0611, CVE-2011-0610
Platform: All Platforms
Alternatively, you could switch to an alternate PDF reader. There are a number of open source readers available from http://pdfreaders.org/. I have been using Sumatra PDF for around two years. Nitro Reader is also a viable substitute.
No comments:
Post a Comment