Adobe Security Bulletin APSB07-18
Update available for vulnerability in versions 8.1 and earlier of Adobe Reader and Acrobat
Release date: October 22, 2007
Vulnerability identifier: APSB07-18
CVE number: CVE-2007-5020
Platform: Windows XP (Vista users are not affected) with Internet Explorer 7 installed
Affected Software Versions: Adobe Reader 8.1 and earlier, Adobe Reader 7.0.9 and earlier
Adobe Acrobat Professional, 3D and Standard 8.1 and earlier versions, Adobe Acrobat Professional, Standard, 3D and Elements 7.0.9 and earlier
Summary
Critical vulnerabilities have been identified in Adobe Reader and Acrobat that could allow an attacker who successfully exploits these vulnerabilities to take control of the affected system. This issue only affects customers on Windows XP with Internet Explorer 7 installed. A malicious file must be loaded in Adobe Reader or Acrobat by the end user for an attacker to exploit these vulnerabilities. It is recommended that affected users update to Adobe Reader 8.1.1 or Acrobat 8.1.1. This is an update to resolve the issue previously reported in Security Advisory APSA07-04.
Solution
Adobe strongly recommends upgrading to Adobe Reader 8.1.1 or Acrobat 8.1.1. The Adobe Reader 8.1.1 update files can be manually downloaded and installed from:
http://www.adobe.com/support/downloads/product.jsp?product=10&platform=Windows
The Acrobat 8.1.1 update files can be downloaded and installed from:
http://www.adobe.com/support/downloads/product.jsp?product=1&platform=Windows
http://www.adobe.com/support/security/bulletins/apsb07-18.html