Adobe is aware of a report of a vulnerability in Adobe Reader and Acrobat XI (11.0.1) and earlier versions being exploited in the wild. We are currently investigating this report and assessing the risk to our customers. We will provide an update as soon as we have more information. Please continue monitoring the Adobe PSIRT blog for the latest information.
This posting is provided “AS IS” with no warranties and confers no rights.
Today, a Security Bulletin (APSB12-19) has been posted to address security issues in Adobe Flash Player 11.3.300.271 and earlier versions for Windows, Macintosh and Linux, Adobe Flash Player 11.1.115.11 and earlier versions for Android 4.x, and Adobe Flash Player 11.1.111.10 and earlier versions for Android 3.x and 2.x. Adobe recommends users apply the updates for their product installations.
This posting is provided “AS IS” with no warranties and confers no rights.
We just updated the following Security Bulletins initially posted on Tuesday, May 8, 2012:
We are in the process of resolving the vulnerabilities addressed in these Security Bulletins in Adobe Illustrator CS5.x, Adobe Photoshop CS5.x (12.x) and Adobe Flash Professional CS5.x, and will update the respective Security Bulletins once the patches are available.
Users may monitor the latest information on the Adobe Product Security Incident Response Team blog at http://blogs.adobe.com/psirt or by subscribing to the RSS feed at http://blogs.adobe.com/psirt/atom.xml.
This posting is provided “AS IS” with no warranties and confers no rights.
A Security Bulletin (APSB11-25) was posted today addressing an important security issue in the Adobe Flex SDK 4.5.1 and earlier 4.x versions and 3.x versions on the Windows, Macintosh and Linux operating systems. Adobe recommends users of the Adobe Flex SDK 4.x and 3.x versions update their installations and applications using the instructions provided in the Security Bulletin.
This posting is provided “AS IS” with no warranties and confers no rights.
A Security Advisory (APSA11-03) has been posted in regards to Adobe Photoshop Elements 8.0. Critical vulnerabilities exist in Adobe Photoshop Elements 8.0 and earlier versions on the Windows operating system. Adobe is not aware of any attacks exploiting these vulnerabilities against Adobe Photoshop Elements to date.
This posting is provided “AS IS” with no warranties and confers no rights.
Today, a Security Bulletin (APSB11-26) has been posted to address critical security issues in Adobe Flash Player. This Security Bulletin affects Flash Player 10.3.183.7 and earlier versions for Windows, Macintosh, Linux and Solaris, and Flash Player 10.3.186.6 for Android. There are reports that one of these vulnerabilities (CVE-2011-2444) is being exploited in the wild in active targeted attacks designed to trick the user into clicking on a malicious link delivered in an email message. This universal cross-site scripting issue could be used to take actions on a user’s behalf on any website or webmail provider if the user visits a malicious website. Adobe recommends users apply the updates for their product installations.
This posting is provided “AS IS” with no warranties and confers no rights.
A Flash Player update is scheduled for release tomorrow, September 21, 2011. This update will address critical security issues in the product as well as an important universal cross-site scripting issue that is reportedly being exploited in the wild in targeted attacks.
We will continue to provide updates on the upcoming release via the Security Advisory section of the Adobe website as well as the Adobe PSIRT blog.
This posting is provided “AS IS” with no warranties and confers no rights.
As discussed on the Security Matters blog, the Adobe Approved Trust List (AATL) has been updated to remove the certificate authority DigiNotar. Users of Adobe Reader and Acrobat X (version 10.x) will be automatically updated to this list. A future product update of Adobe Reader and Acrobat version 9.x will enable dynamic updates of the AATL. In the meantime, users of Adobe Reader and Acrobat 9 can manually remove DigiNotar using instructions provided in the September 9 blog post.
This posting is provided “AS IS” with no warranties and confers no rights.
Today, a Security Bulletin (APSB11-24) has been posted in regards to this quarter’s security updates for Adobe Reader and Acrobat. The updates address critical security issues in the products. Adobe recommends that users apply the updates for their product installations.
The next quarterly security updates for Adobe Reader and Acrobat are currently scheduled for December 13, 2011.
This posting is provided “AS IS” with no warranties and confers no rights.
An update on the removal of the DigiNotar Qualified CA certificate from the Adobe Approved Trust List (AATL) following the recent DigiNotar breach has been posted on the Security Matters blog.
This posting is provided “AS IS” with no warranties and confers no rights.
