Copyright © 2009 Adobe Systems Incorporated. All rights reserved.
Use of this website signifies your agreement to the Terms of Use and Online Privacy Policy (updated 07-14-2009).
Search powered by Google™
Release date: October 8, 2009
Vulnerability identifier: APSB09-15
CVE number: CVE-2009-3459
Platform: All
Adobe is planning to release an update for Adobe Reader 9.1.3 and Acrobat 9.1.3, Adobe Reader 8.1.6 and Acrobat 8.1.6 for Windows, Macintosh and UNIX, and Adobe Reader 7.1.3 and Acrobat 7.1.3 for Windows and Macintosh to resolve critical security issues. Adobe expects to make this update available on October 13, 2009. This update represents the second quarterly security update for Adobe Reader and Acrobat.
Among other issues, this update will resolve a critical vulnerability in Adobe Reader and Acrobat 9.1.3 and earlier (CVE-2009-3459) on Windows, Macintosh and UNIX. There are reports that this issue is being exploited in the wild in limited targeted attacks; the exploit targets Adobe Reader and Acrobat 9.1.3 on Windows. Adobe Reader and Acrobat 9.1.3 customers with DEP enabled on Windows Vista are protected from this exploit. Disabling JavaScript also mitigates against this specific exploit, although a variant that does not rely on JavaScript could be possible. In the meantime, Adobe is also in contact with Antivirus and Security vendors regarding the issue and recommends users keep their anti-virus definitions up to date.
We wish to thank Chia-Ching Fang and the Information and Communication Security Technology Center for their help with reporting and investigating this issue (CVE-2009-3459).
Users may monitor the latest information on the Adobe Product Security Incident Response Team blog at the following URL: http://blogs.adobe.com/psirt or by subscribing to the RSS feed here: http://blogs.adobe.com/psirt/atom.xml.
(Note: This Security Advisory will be replaced with the final Security Bulletin upon release on October 13, 2009.)
Adobe Reader 9.1.3 and earlier versions for Windows, Macintosh, and UNIX
Adobe Acrobat 9.1.3 and earlier versions for Windows and Macintosh
Adobe categorizes this as a critical update.
Copyright © 2009 Adobe Systems Incorporated. All rights reserved.
Use of this website signifies your agreement to the Terms of Use and Online Privacy Policy (updated 07-14-2009).
Search powered by Google™