Critical Vulnerabilities in Adobe Reader/Acrobat

Question

from http://www.adobe.com/support/security/advisories/apsa11-04.html A critical vulnerability has been identified in Adobe Reader/Acrobat X (10.1.1) and earlier versions for Windows...  This vulnerability (CVE-2011-2462) could cause a crash and potentially allow an attacker to take control of the affected system. Because Adobe Reader/Acrobat X Protected Mode/View would prevent an exploit of this kind from executing, we are currently planning to address this issue in these versions with the next quarterly security update... currently scheduled for January 10, 2012. For for Adobe Reader 9.x , we are in the process of finalizing a fix for the issue and expect to make it available no later than the week of December 12, 2011. --- With acknowlegments to Corrine's Secuity Garden :emotion-1: post http://securitygarden.blogspot.com/2011/12/security-advisory-for-adobe-reader-and.html

ky331 · Answer

Secunia classifies this vulnerability as 'extremely critical', and describes it as an 'unspecified 0-day memory corruption error when handling U3D data'. http://secunia.com/advisories/47133/

joe53 · Answer

As one who abandoned Adobe Reader long ago (too big, too bloated, and too much a security risk) I now must repudiate the alternative Foxit pdf reader. The latest version 5.1 comes with the ASK toolbar pre-checked by default, and that is not acceptable to me. I now use the free Sumatra pdf reader, available here:http://blog.kowalczyk.info/software/sumatrapdf/download-free-pdf-viewer.html

Virus & Spyware

Was this post helpful?