Wed, Sep 8 2010 14:09
Don
Security Advisory for Adobe Reader and Acrobat - Sept. 8, 2010
Summary
A critical
vulnerability exists in Adobe Reader 9.3.4 and earlier versions for
Windows, Macintosh and UNIX, and Adobe Acrobat 9.3.4 and earlier
versions for Windows and Macintosh. This vulnerability (CVE-2010-2883)
could cause a crash and potentially allow an attacker to take control of
the affected system. There are reports that this vulnerability is being
actively exploited in the wild.
Adobe is in the process of evaluating the schedule for an update to resolve this vulnerability.
Affected software versions
Adobe Reader 9.3.4 and earlier versions for Windows,
Macintosh and UNIX, and Adobe Acrobat 9.3.4 and earlier versions for
Windows and Macintosh.
Severity rating
Adobe categorizes this as a critical issue.
Details
A critical
vulnerability exists in Adobe Reader 9.3.4 and earlier versions for
Windows, Macintosh and UNIX, and Adobe Acrobat 9.3.4 and earlier
versions for Windows and Macintosh. This vulnerability (CVE-2010-2883)
could cause a crash and potentially allow an attacker to take control of
the affected system. Adobe is aware of public exploit code for this
vulnerability.
Adobe is in the process of evaluating the schedule for an update to resolve this vulnerability.
Adobe actively shares information about this and other
vulnerabilities with partners in the security community to enable them
to quickly develop detection and quarantine methods to protect users
until a patch is available. As always, Adobe recommends that users
follow security best practices by keeping their anti-malware software
and definitions up to date.
Users may monitor the latest information on the Adobe Product Security Incident Response Team blog at the following URL: http://blogs.adobe.com/psirt or by subscribing to the RSS feed
here: http://blogs.adobe.com/psirt/atom.xml.
Full Advisory
Filed under: Advisories / Bulletins