Adobe Security Bulletin APSB08-15
Security Update available for Adobe Reader and Acrobat 8.1.2
Release date: June 23, 2008
Vulnerability identifier: APSB08-15
CVE number: CVE-2008-2641
Platform: All platforms
Affected software versions:
Adobe Reader 8.0 through 8.1.2
Adobe Reader 7.0.9 and earlier
Adobe Acrobat Professional, 3D and Standard 8.0 through 8.1.2
Adobe Acrobat Professional, 3D and Standard 7.0.9 and earlier
NOTE: Adobe Reader 7.1.0 and Acrobat 7.1.0 are not vulnerable to this issue. Adobe Reader 9 and Acrobat 9, expected to be available by July 2008, are also not vulnerable to this issue.
A critical vulnerability has been identified in Adobe Reader and Acrobat 8.1.2. This vulnerability would cause the application to crash and could potentially allow an attacker to take control of the affected system.
Adobe recommends users of Acrobat 8 and Adobe Reader install the 8.1.2 Security Update 1 patch.
Solution
Acrobat 8 and Adobe Reader
Adobe recommends Adobe Reader 8 users update to Adobe Reader 8.1.2 Security Update 1, available at the links below:
For Windows: http://www.adobe.com/support/downloads/detail.jsp?ftpID=3967
For Macintosh: http://www.adobe.com/support/downloads/detail.jsp?ftpID=3966
Acrobat 7
Adobe recommends Acrobat 7 users on Windows update to Acrobat 7.1.0, available here: http://www.adobe.com/support/downloads/product.jsp?product=1&platform=Windows
Adobe recommends Acrobat 7 users on Macintosh update to Acrobat 7.1.0, available here: http://www.adobe.com/support/downloads/product.jsp?product=1&platform=Macintosh
http://www.adobe.com/support/security/bulletins/apsb08-15.html