Security Advisory - Adobe Reader / Acrobat

Security Advisory - Adobe Reader / Acrobat

offline
  • dr_Bora  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 24 Jul 2007
  • Poruke: 12280
  • Gde živiš: Höganäs, SE

Citat:A critical vulnerability has been identified in Adobe Reader X (10.1.1) and earlier versions for Windows and Macintosh, Adobe Reader 9.4.6 and earlier 9.x versions for UNIX, and Adobe Acrobat X (10.1.1) and earlier versions for Windows and Macintosh. This vulnerability (CVE-2011-2462) could cause a crash and potentially allow an attacker to take control of the affected system. There are reports that the vulnerability is being actively exploited in limited, targeted attacks in the wild against Adobe Reader 9.x on Windows.

Citat:Adobe categorizes this as a critical issue.

Citat:Adobe Reader X Protected Mode and Adobe Acrobat X Protected View would prevent an exploit of this kind from executing. To verify Protected View for Acrobat X is enabled, go to: Edit >Preferences > Security (Enhanced) and ensure "Files from potentially unsafe locations" or "All files" with "Enable Enhanced Security" are checked. To verify Protected Mode for Adobe Reader X is enabled, go to: Edit >Preferences >General and verify that "Enable Protected Mode at startup" is checked.

http://www.adobe.com/support/security/advisories/apsa11-04.html



Registruj se da bi učestvovao u diskusiji. Registrovanim korisnicima se NE prikazuju reklame unutar poruka.
offline
  • dr_Bora  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 24 Jul 2007
  • Poruke: 12280
  • Gde živiš: Höganäs, SE

Adobe je najavio da će pomenuti propust biti ispravljen u petak, 15. decembra za Adobe Reader i Acrobat 9.x za Windows.

Ispravka za ostale verzije programa (i operativne sisteme) će biti izdata 10. januara.



offline
  • dr_Bora  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 24 Jul 2007
  • Poruke: 12280
  • Gde živiš: Höganäs, SE

CVE-2011-4369 ::Unspecified vulnerability in the PRC component in Adobe Reader and Acrobat 9.x before 9.4.7 on Windows, Adobe Reader and Acrobat 9.x through 9.4.6 on Mac OS X, Adobe Reader and Acrobat 10.x through 10.1.1 on Windows and Mac OS X, and Adobe Reader 9.x through 9.4.6 on UNIX allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unknown vectors, as exploited in the wild in December 2011.

Adobe ::There have been reports of two critical vulnerabilities being actively exploited in limited, targeted attacks in the wild against Adobe Reader 9.x on Windows. These vulnerabilities (CVE-2011-2462, referenced in Security Advisory APSA11-04, and CVE-2011-4369) could cause a crash and potentially allow an attacker to take control of the affected system.

I ovaj propust, kao i prethodni, je ispravljen u ažuriranju na v9.4.7 za Windows; ostale verzije i verzije za ostale operativne sisteme će biti ažurirane u januaru.


Source: National Vulnerability Database & Adobe Systems Incorporated.

Ko je trenutno na forumu
 

Ukupno su 599 korisnika na forumu :: 12 registrovanih, 4 sakrivenih i 583 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: -[CoA]-, amstel2, Battlehammer, dane007, Despot1, Doca, dragoljub11987, ILGromovnik, Nebo_M, Pohovani_00, sakota79, wizzardone