Public Safety Canada
Symbol of the Government of Canada
Skip to content | Skip to institutional links

Common menu bar links | Liens de navigation communs

Skip Navigation Links Home > Programs > Response > CCIRC > Analytical releases 2010 > AV10-011: Security Update for critical vulnerabilities in Adobe Reader and Acrobat

Institutional links

Security Update for critical vulnerabilities in Adobe Reader and Acrobat

Number: AV10-011
Date: 14 April 2010

Purpose

The purpose of this advisory is to bring attention to critical vulnerabilities in Adobe Reader and Acrobat.

Assessment

Critical vulnerabilities have been identified in Adobe Reader 9.3.1 (and earlier versions) for Windows, Macintosh and UNIX, and Adobe Acrobat 8.2.1 (and earlier versions) for Windows and Macintosh. These vulnerabilities could cause the application to crash and potentially allow an attacker to take control of the affected system.

Affected software versions:

Adobe Reader 9.3.1 and earlier versions for Windows, Macintosh, and UNIX
Adobe Acrobat 9.3.1 and earlier versions for Windows and Macintosh

Updated versions of Adobe Reader (9.3.2) are available at the following download locations:

Adobe Reader (Windows version):
http://www.adobe.com/support/downloads/product.jsp?product=10&platform=Windows

Adobe Reader (Macintosh version):
http://www.adobe.com/support/downloads/product.jsp?product=10&platform=Macintosh

Adobe Reader (UNIX):
http://get.adobe.com/reader/

Updated versions of Adobe Acrobat (8.2.2) are available at the following download locations:

Acrobat Standard and Pro (Windows):
http://www.adobe.com/support/downloads/product.jsp?product=1&platform=Windows

Acrobat Pro Extended (Windows): http://www.adobe.com/support/downloads/product.jsp?product=158&platform=Windows

Acrobat 3D (Windows):
http://www.adobe.com/support/downloads/product.jsp?product=112&platform=Windows

Acrobat Pro (Macintosh):
http://www.adobe.com/support/downloads/product.jsp?product=1&platform=Macintosh

Suggested action

CCIRC recommends that administrators test and deploy these updates at the earliest opportunity.

References:
Adobe Security Bulletin APSB10-09:
http://www.adobe.com/support/security/bulletins/apsb10-09.html

Adobe Blog - Adobe Reader and Acrobat 9.3.2 and 8.2.2 to be delivered by new Updater
http://blogs.adobe.com/adobereader/2010/04/upcoming_adobe_reader_and_acro.html

Note to Readers

The Canadian Cyber Incident Response Centre (CCIRC) provides a focal point for Canada's cyber threat and vulnerability warning, analysis and response. CCIRC is responsible for assuring the resilience of national critical infrastructure through monitoring threats and coordinating a federal response to cyber security incidents of national interest. CCIRC operates in conjunction with the Government Operations Centre (GOC) within Public Safety Canada and is a key component of the government's all-hazards approach to emergency management and national security.

For general information, please contact Public Safety Canada's Public Affairs division at:

Telephone: 613-944-4875 or 1-800-830-3118
Fax: 613-998-9589
E-mail: communications@ps-sp.gc.ca

Date Modified: 2010-04-14
Top of Page
Top of Page
Important Notices