Threat Level: green Handler on Duty: Guy Bruneau

SANS ISC: Adobe Acrobat Latest Zero-Day Vulnerability Fix Coming to All Platforms by January 10 - SANS Internet Storm Center SANS ISC InfoSec Forums


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Adobe Acrobat Latest Zero-Day Vulnerability Fix Coming to All Platforms by January 10

Adobe announced a currently-unpatched vulnerability (CVE-2011-2462) that seems to affect all versions of Adobe Reader and Acrobat. The issue is most relevant to the users of Adobe Reader and Acrobat 9 on Windows, because of "reports that the vulnerability is being actively exploited in limited, targeted attacks in the wild. Adobe Reader X and Adobe Acrobat X Protected View are likely to block the exploit because of the sandbox integrated into these products on Windows Visa or later.

Adobe plans to release "an out-of-cycle security update for Adobe Reader and Acrobat 9.x for Windows no later than the week of December 12, 2011." Patches to other versions of the products will be released as part of the "next quarterly security update on January 10, 2012."

This situation is a reminder why organizations should consider upgrading to Adobe Reader X and Adobe Acrobat X Protected View when using Windows Vista or later. The sooner this happens, the better from the security perspective. Sadly, it will be a long time before Adobe Reader and Acrobat 9 disappear from the wild, in part because end-users don't see a good reason to upgrade.

-- Lenny

 Lenny Zeltser focuses on safeguarding customers' IT operations at Radiant Systems. He also teaches how to analyze and combat malware at SANS Institute. Lenny is active on Twitter and writes a daily security blog.


 

Lenny

216 Posts
ISC Handler
Here at Adobe we thought the 0-day vulnerability wasn't good enough, so we're giving you the -35-day!
Anonymous
Like any organization, Adobe needs to prioritize its software development efforts. I'm glad to see that they are releasing a patch for the most vulnerable and targeted platform quickly. Patching other platforms as part of their regular process seems reasonable to me.
Lenny

216 Posts
ISC Handler
What about the users that are running Adobe Reader X on Windows XP?? Are they vulnerable??
Lenny
1 Posts
I don;t get it... Either their sandbox blocks the exploit and Reader X doesn;t need an update, or they don't block it and it's vulnerable. Also "are likely to block the exploit"? Either they block it or they don't, IMHO. If likely is the bast they can offer, I'm guessing they don't.
Arnt

4 Posts
We haven't adopted Reader X on Windows because it doesn't play well with redirected user folders. A quick Google search confirms this. Most corporations use redirected folder so this is definitely one of the main factors for staying with other versions of Reader.
Arnt
1 Posts

Sign Up for Free or Log In to start participating in the conversation!