Adobe released important security updates for Adobe Reader X (10.0.2) and earlier 10.x and 9.x versions for Windows and Macintosh OS. The bulletin is posted here. "CVE-2011-0611, is being actively exploited in the wild against both Adobe Flash Player, and Adobe Reader and Acrobat, as well as via a Flash (.swf) file embedded in a Microsoft Word (.doc) or Microsoft Excel (.xls) file delivered as an email attachment targeting the Windows platform. Adobe Reader X Protected Mode mitigations would prevent an exploit of this kind from executing."[1]
Adobe Reader X (10.0.1) and earlier versions for Windows NOTE: Adobe Reader 9.x for UNIX, Adobe Reader for Android, and Adobe Reader and Acrobat 8.x are not affected by CVE-2011-0611.
----------- Guy Bruneau IPSS Inc. gbruneau at isc dot sans dot edu |
Guy 523 Posts ISC Handler Apr 21st 2011 |
Thread locked Subscribe |
Apr 21st 2011 1 decade ago |
Regardless where I look, the latest version of Adobe Reader available for download for Windows 7 seems to be 10.0.1. Check for updates within as well as the Adobe Reader http download site AND the ftp site all show 10.0.1 as the most recent version. The FTP site shows Feb 8, 2011 as the most recent Reader X file (version 10.0.1)
What am I missing here? |
Anonymous |
Quote |
Apr 21st 2011 1 decade ago |
The Adobe web site says that Reader X for Windows will not be patched until June:
"Because Adobe Reader X (10.x) Protected Mode would prevent an exploit of this kind from executing, we are planning to address this issue in Adobe Reader X for Windows with the next quarterly security update for Adobe Reader, currently scheduled for June 14, 2011" |
Anonymous |
Quote |
Apr 21st 2011 1 decade ago |
My bad -- I stopped reading the bulletin at, "Adobe recommends users of Adobe Acrobat X (10.0.2) for Windows" and went looking for it. Who'd expect Adobe to recommend 10.0.2 when it did not yet exist?
|
Anonymous |
Quote |
Apr 21st 2011 1 decade ago |
Acrobat X 10.0.2 is the version for Standard and Professional, not the reader. There is an update for Standard and Professional, which takes them to 10.0.3. 10.0.1 remains the latest version for the free reader.
|
Joey 18 Posts |
Quote |
Apr 22nd 2011 1 decade ago |
Joey is right, but that announcement from Adobe is hardly a model of clarity. Probably the work of an Ivy League graduate :p
|
Joey 7 Posts |
Quote |
Apr 22nd 2011 1 decade ago |
Sign Up for Free or Log In to start participating in the conversation!