The Latest in IT Security

Security Advisory for Adobe Reader and Acrobat

08
Dec
2011

Adobe announced that a critical vulnerability has been identified in Adobe Reader X (10.1.1) and earlier versions for Windows and Macintosh, Adobe Reader 9.4.6 and earlier 9.x versions for UNIX, and Adobe Acrobat X (10.1.1) and earlier versions for Windows and Macintosh. This vulnerability (CVE-2011-2462) could cause a crash and potentially allow an attacker to take control of the affected system.

There are reports that the vulnerability is being actively exploited in limited, targeted attacks in the wild against Adobe Reader 9.x on Windows.

The problem is that there is no fix available at the moment, but Adobe promised that will make one available for the Adobe Reader 9.x next week. The Adobe Acrobat X and Adobe Reader X can be configured to prevent this vulnerability to be exploited and because of this they will be only updated in the regular quarterly security update.

Until then, the only way to prevent this vulnerability to be exploited is to enable the Protected Mode/View feature in Adobe Reader X Protected Mode and Adobe Acrobat X Protected View : Go to: Edit >Preferences > Security (Enhanced) and ensure “Files from potentially unsafe locations” or “All files” with “Enable Enhanced Security” are checked. To verify Protected Mode for Adobe Reader X is enabled, go to: Edit >Preferences >General and verify that “Enable Protected Mode at startup” is checked.

 

Sorin Mustaca

Data Security Expert

Leave a reply


Categories

MONDAY, AUGUST 19, 2019
WHITE PAPERS

Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...

ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...

The Multi-Model Database:
Part of the “new normal” where data and cloud applications are ...

Featured

Archives

Latest Comments

Social Networks