Archive for March, 2009

Adobe Reader for Unix updates available

Today, we have released the Adobe Reader 9.1 for Unix, and Adobe Reader 8.1.4 for Unix updates. These updates resolve the JBIG2 vulnerability from Security Advisory APSA09-01 and Security Bulletin APSB09-03. As mentioned previously, there are reports that this issue is being exploited.
In addition, the updates released today, as well as the most recent updates for Windows and Macintosh – Adobe Reader 9.1, 8.1.4, and 7.1.1, and Acrobat 9.1, 8.1.4, and 7.1.1 – address four additional, critical JBIG2 security issues. Adobe has worked with the security researchers who reported these additional issues and is communicating about them today, now that updates for all platforms are available. We appreciate the cooperation of these security researchers – Sean Larsson of iDefense Labs, Jonathan Brossard from iViZ Security Research Team, Will Dormann of CERT/CC, and Alin Rad Pop of Secunia Research. We are not aware of any exploits in the wild for any of the additional JBIG2 issues newly disclosed today in Security Bulletin APSB09-04.
This posting is provided “AS IS” with no warranties and confers no rights

Adobe Reader and Acrobat updates for Windows and Macintosh available

Today, we have released the Acrobat 8.1.4 and 7.1.1, and Adobe Reader 8.1.4 and 7.1.1, updates for Windows and Macintosh. These updates resolve the vulnerability from Security Advisory APSA09-01 and Security Bulletin APSB09-03. There are reports that this issue is being exploited.
In addition, the updates address other critical security issues. The Adobe Reader and Acrobat 9.1 and 7.1.1 updates resolve a critical issue that has already been addressed in the Adobe Reader 8.1.3 and Acrobat 8.1.3 updates. The Adobe Reader 7.1.1 and Acrobat 7.1.1 updates resolve critical issues previously addressed in Adobe Reader 8.1.3 and 9.0, and Acrobat 8.1.3 and 9.0.
Users who have previously updated to Adobe Reader 9.1 and Acrobat 9.1 for Windows and Macintosh need not take any action. Adobe now plans to make available Adobe Reader 9.1 and Adobe Reader 8.1.4 for Unix by March 24.
This posting is provided “AS IS” with no warranties and confers no rights

Adobe Reader and Acrobat 9.1 update available

Today, we posted the Adobe Reader 9.1 and Acrobat 9.1 update, which resolves the recent JBIG2 security issue (CVE-2009-0658), including the ‘no-click’ variant of the vulnerability. We encourage all Adobe Reader users to download and install the free Adobe Reader 9.1. The Adobe Reader 9.1 update is available here. Acrobat 9 users should refer to the Security Bulletin for download details. We expect updates for Adobe Reader 7 and 8, and Acrobat 7 and 8, to be available by March 18. In addition, Adobe plans to make available Adobe Reader 9.1 for Unix by March 25. In the meantime, for Adobe Reader 7 and 8 users who are unable to update to Adobe Reader 9.1, as well as Acrobat 7 and 8 users, more information on immediate protection for this issue from anti-virus and security vendors is available in the post directly below.
This posting is provided “AS IS” with no warranties and confers no rights