Follow us on Twitter
Follow us on Twitter
Follow us on Twitter
Follow us on Twitter
Follow us on Twitter

Products' We Represent


Subscribe

captcha 

Cover-161124-Sitex-2016

Adobe to release critical flaw patches to Reader and Acrobat
Wednesday, 01 August 2012 01:56

In Prenotification Security Advisory for Adobe Reader and Acrobat - APSB12-16 released by Adobe, it has confirmed that it will release security updates for the Adobe Reader and Acrobat X 10.1.3 and previous versions, for Windows and Macintosh on August 14, 2012. Citing flaws of a critical nature, Adobe has said in the post that the updates would address these flaws. Adobe has listed out the affected software versions: 

  • Adobe Reader X (10.1.3) and earlier 10.x versions for Windows and Macintosh
  • Adobe Reader 9.5.1 and earlier 9.x versions for Windows and Macintosh
  • Adobe Acrobat X (10.1.3) and earlier 10.x versions for Windows and Macintosh
  • Adobe Acrobat 9.5.1 and earlier 9.x versions for Windows and Macintosh

Importantly, the post also includes Adobe's priority ratings for each of the affected software. Priority Ratings is a guideline to help its customers in managed environments to prioritize Adobe security updates. The company decides the priority rankings based on historical attack patterns for the relevant product, the type of vulnerability, the platform(s) affected, and any potential mitigations that may be in place.  

The list gives four of the six items a priority rating of 2. Updates to software with this priority rating fix the vulnerabilities in a product that which has historically been at elevated risk. Adobe adds that there currently are no known exploits to these programmes. Going by previous experience, Adobe do not anticipate exploits are imminent. However, as a best practice, they recommend that administrators install the update soon, that is, within 30 days. The remaining two programmes have a priority rating of 1. This rating indicates that the software contains vulnerabilities that are being targeted, or those that are at a higher risk of being targeted by exploit(s) in the wild for a given product version and platform. The company recommends that administrators install these update too as soon as possible, preferably within 72 hours.

Recently, Adobe released security updates for Adobe Flash Player (11.2.202.233 and earlier versions) for Windows, Macintosh and Linux; Adobe Flash Player (11.1.115.7 and earlier versions) for Android 4.x, 3.x and 2.x. These updates address an object confusion vulnerability (CVE-2012-0779) that could cause the application to crash and potentially allow an attacker to take control of the affected system. Reports state that the vulnerability has being exploited in the wild in active targeted attacks designed to trick the user into clicking on a malicious file delivered by an e-mail message. The exploit targets Flash Player on Internet Explorer for Windows only.

Apple approved an Adobe Reader app for iOS last year. Adobe had ported over the software experience of its Reader programme via an app for iPhone, iPod Touch and iPad users, allowing iOS users to view, access, interact with, share, and print PDF files wirelessly (with AirPrint) from their iPhones, iPod Touch and iPads.

 

ACE Featured Products

QNAP TS-120
QNAP TS-120
Call for Pricing
QNAP UX-500P
QNAP UX-500P
Call for Pricing
Cintiq 21UX
Cintiq 21UX
$2,485
FI8910W (Black)
FI8910W (Black)
$129
QNAP TS-853S Pro
QNAP TS-853S Pro
Call for Pricing
i1420 Scanner
i1420 Scanner
$6,500
AS-7012RD / AS-7012RDX
AS-7012RD / AS-7012RDX
Call for Pricing
FI9831P (Black)
FI9831P (Black)
Call for Pricing

Latest News