SecurityGarden

  • Subscribe to our RSS feed.
  • Twitter
  • StumbleUpon
  • Reddit
  • Facebook
  • Digg

Tuesday, April 10, 2012

Adobe Reader and Acrobat Critical Security Updates

Posted on 3:15 PM by Unknown

Adobe released critical security updates addressing vulnerabilities in Adobe Reader and Adobe Acrobat.  In addition to Adobe Reader X (10.1.3) and Adobe Acrobat X (10.1.3) incorporating the Adobe Flash Player updates noted in Security Bulletins APSB12-03, APSB12-05 and APSB12-07, the updates address a variety of vulnerabilities, including the following:
  • an integer overflow in the True Type Font (TTF) handling that could lead to code execution (CVE-2012-0774)
  • a memory corruption in the JavaScript handling that could lead to code execution (CVE-2012-0775)
  • a security bypass via the Adobe Reader installer that could lead to code execution (CVE-2012-0776)
  • a memory corruption in the JavaScript API that could lead to code execution (CVE-2012-0777)(Macintosh and Linux only)

Acrobat and Reader users can update to the latest version using the built-in updater, by clicking “Help” and then “Check for Updates.” The Adobe Reader update for Windows is available from http://www.adobe.com/products/reader/.  Even better is the FTP download site:  ftp://ftp.adobe.com/pub/adobe/reader/win/10.x/10.1.3/ with no risk of add-ons.

The next quarterly security updates for Adobe Reader and Acrobat are currently scheduled for July 10, 2012.

Release Details

  • Release date: April 10, 2012
  • Vulnerability identifier: APSB12-08
  • Priority rating: See table below
  • CVE numbers: CVE-2012-0774, CVE-2012-0775, CVE-2012-0776, CVE-2012-0777
  • Platform: All

      Affected Software Versions

      • Adobe Reader X (10.1.2) and earlier 10.x versions for Windows and Macintosh
      • Adobe Reader 9.5 and earlier 9.x versions for Windows and Macintosh
      • Adobe Reader 9.4.6 and earlier 9.x versions for Linux
      • Adobe Acrobat X (10.1.2) and earlier 10.x versions for Windows and Macintosh
      • Adobe Acrobat 9.5 and earlier 9.x versions for Windows and Macintosh


      References

      • Security Advisory: Security updates available for Adobe Reader and Acrobat
      • PSIRT Blog: Security updates released for Adobe Reader and Acrobat (APSB12-08)




      Remember - "A day without laughter is a day wasted."
      May the wind sing to you and the sun rise in your heart...

      Email ThisBlogThis!Share to XShare to Facebook
      Posted in Adobe, Security, Updates, Vulnerabilities | No comments
      Newer Post Older Post Home

      0 comments:

      Post a Comment

      Subscribe to: Post Comments (Atom)

      Popular Posts

      • Security Bulletin Advance Notice for August, 2013
        On Tuesday, August 13, 2013, Microsoft is planning to release eight (8) bulletins.  Three of the bulletins are identified as Critical with f...
      • Critical Out-of-Band Update Released for MS10-046
        Microsoft released Security Bulletin MS10-046 out-of-band to address a vulnerability in Windows. The security update is identified as crit...
      • Hotmail Security to Protect and Recover Your Account
        Time and time again I see reports from Hotmail users who have lost control of their e-mail account.  As explained by Walter Harp, Director o...
      • Long Awaited Outlook.com Calendar Refresh Rollout
        The long-awaited Outlook.com calendar refresh has been released and is in the process of being rolled out. Because the servers are grouped i...
      • Microsoft Security Advisory 2269637 Released
        Microsoft released Security Advisory 2269637 which relates to a remote attack vector to a class of vulnerabilities affecting applications t...
      • Oracle Java Update
        Oracle released the Java SE 7u40 today.  In addition to bug fixes and enhancements, the update includes the following: advanced monitoring ...
      • Adobe Reader Security Updates
        Adobe has released security updates for Adobe Reader and Acrobat XI (11.0.03) and earlier versions for Windows and Macintosh. Adobe identif...
      • Advance Notice: Security Updates for Java SE
        The Sun Security Blog published the following update announcement: "On November 3, 2009, Sun will release the following security update...
      • Adobe Flash Player and Adobe Air Security Updates
        Adobe released updates to both Adobe Flash Player and Adobe AIR to correct a critical vulnerability in both products. From the Adobe Securi...
      • Waledac Botnet Takedown
        The Waledac botnet had the capability of sending 1.5 billion spam e-mails per day. During a three-week period in December, 2009, approximat...

      Categories

      • Adobe
      • Advisory
      • Amero
      • AntiVirus
      • Apple
      • Ask
      • AVG
      • Bing
      • Browser
      • Child Safety
      • email
      • ESET
      • Ethics
      • Facebook
      • Firefox
      • Firewall
      • FixIt
      • Fraud
      • General
      • Google
      • Hotmail
      • IE10
      • IE6
      • IE7
      • IE8
      • IE9
      • Java
      • Lavasoft
      • malware
      • Microsoft
      • Microsoft Apps
      • Mozilla
      • MVP
      • NCSAM
      • Office
      • Office 2007
      • Office 2010
      • Opera
      • Outlook.com
      • Phishing
      • Privacy
      • safety
      • Search
      • Security
      • Service Pack
      • SkyDrive
      • Skype
      • Software
      • SP1
      • sp2
      • SP3
      • Spotlight
      • Sumatra
      • tutorial
      • UAC
      • Updates
      • Vulnerabilities
      • Windows
      • Windows 7
      • Windows 8
      • Windows Live
      • Windows Live OneCare
      • Windows Vista
      • Windows XP
      • WinPatrol

      Blog Archive

      • ►  2013 (93)
        • ►  October (2)
        • ►  September (8)
        • ►  August (9)
        • ►  July (5)
        • ►  June (8)
        • ►  May (7)
        • ►  April (15)
        • ►  March (9)
        • ►  February (16)
        • ►  January (14)
      • ▼  2012 (98)
        • ►  December (7)
        • ►  November (6)
        • ►  October (11)
        • ►  September (5)
        • ►  August (10)
        • ►  July (8)
        • ►  June (12)
        • ►  May (7)
        • ▼  April (12)
          • Oracle Java SE Update
          • Mozilla Firefox 12 Released with Critical Security...
          • SkyDrive Changes + 25 GB Storage for Current Users
          • Understanding Microsoft Anti-Malware Software
          • It is official!  Windows 8 will be called Windows ...
          • WinPatrol PLUS for 99 Cents and Family Pack only $...
          • Adobe Reader and Acrobat Critical Security Updates
          • Microsoft April 2012 Security Bulletin Release
          • OSX/Flashback Trojan
          • Happy Easter 2012
          • Security Bulletin Advance Notification for April, ...
          • SkyDrive Command Line Interface
        • ►  March (6)
        • ►  February (6)
        • ►  January (8)
      • ►  2011 (130)
        • ►  December (8)
        • ►  November (10)
        • ►  October (7)
        • ►  September (12)
        • ►  August (9)
        • ►  July (6)
        • ►  June (13)
        • ►  May (14)
        • ►  April (13)
        • ►  March (15)
        • ►  February (10)
        • ►  January (13)
      • ►  2010 (146)
        • ►  December (10)
        • ►  November (15)
        • ►  October (19)
        • ►  September (15)
        • ►  August (14)
        • ►  July (8)
        • ►  June (19)
        • ►  May (5)
        • ►  April (11)
        • ►  March (6)
        • ►  February (14)
        • ►  January (10)
      • ►  2009 (33)
        • ►  December (11)
        • ►  November (11)
        • ►  October (11)
      Powered by Blogger.

      About Me

      Unknown
      View my complete profile