Adobe Acrobat 10.0.2 Pro and Standard

on .

User Rating:  / 3
PoorBest 

A critical vulnerability exists in Adobe Flash Player 10.2.152.33 and earlier versions (Adobe Flash Player 10.2.154.18 and earlier for Chrome users) for Windows, Macintosh, Linux and Solaris operating systems, Adobe Flash Player 10.1.106.16 and earlier versions for Android, and the Authplay.dll component that ships with Adobe Reader and Acrobat X (10.0.1) and earlier 10.x and 9.x versions of Reader and Acrobat for Windows and Macintosh operating systems.

This vulnerability (CVE-2011-0609) could cause a crash and potentially allow an attacker to take control of the affected system. There are reports that this vulnerability is being exploited in the wild in targeted attacks via a Flash (.swf) file embedded in a Microsoft Excel (.xls) file delivered as an email attachment. At this time, Adobe is not aware of attacks targeting Adobe Reader and Acrobat. Adobe Reader X Protected Mode mitigations would prevent an exploit of this kind from executing.

Adobe recommends users of Adobe Flash Player 10.2.152.33 and earlier versions (Adobe Flash Player 10.2.154.18 and earlier versions for Chrome users) for Windows, Macintosh, Linux, and Solaris operating systems update to Adobe Flash Player 10.2.153.1 (Adobe Flash Player 10.2.154.25 for Chrome users). Adobe recommends users of Adobe Flash Player 10.1.106.16 and earlier versions for Android update to Adobe Flash Player 10.2.153.1. Adobe recommends users of Adobe AIR 2.5.1 and earlier versions for Windows, Macintosh and Linux update to Adobe AIR 2.6. For more information, please refer to Security Bulletin APSB11-05.

Adobe recommends users of Adobe Acrobat X (10.0.1) for Windows update to Adobe Acrobat X (10.0.2). Because Adobe Reader X Protected Mode would prevent an exploit of this kind from executing, we are planning to address this issue in Adobe Reader X for Windows with the next quarterly security update for Adobe Reader, currently scheduled for June 14, 2011. For more information, please refer to Security Bulletin APSB11-06. For more information, see the Adobe Reader 10.0.2 Release Notes.

The 10.0.2 update comes as a Windows Installer Patch file (MSP) for Adobe Acrobat 10 Standard and Pro as 'AcrobatSecUpd1002.msp' which can be downloaded here.

This multilingual update is available in the following language versions: English, French, German, Japanese, Brazilian Portuguese, Danish, Dutch, Finnish, Italian, Norwegian, Spanish, Swedish, Chinese Simplified, Chinese Traditional, Korean, Croatian, Czech, Hungarian, Polish, Russian, Ukrainian, Romanian, Slovak, Slovenian & Turkish.

Check out "Deploying and administering Acrobat X and Reader X" and the new 'Adobe Customization Wizard X' which makes it very easy to customize the Adobe Reader for deployment.