Adobe Reader and Acrobat Critical Updates

Posted on December 16th, 2011 by Kyle Cooper

GSA Reference Number: AD111216-01

Simply Put: Adobe has released critical updates for its Reader, Acrobat, and Flash products.  High-risk vulnerabilities are present in these applications that could allow for remote code execution.  Gladiator recommends that institutions roll out these patches to all of their vulnerable workstations and servers as soon as possible.

Attack Details: Adobe has released an advisory for Adobe Reader 9.x that fixes two vulnerabilities (CVE-2011-2462 and CVE-2011-4369) which could allow an attacker to take control of an affected system.  These vulnerabilities are considered critical for Adobe Reader version 9.x on Windows systems as they are currently being used in targeted attacks in the wild. Be aware that these vulnerabilities exist in the latest version of Adobe Reader X (10.1.1) and earlier versions for Windows, Macintosh and UNIX operating systems; however, there is no immediate risk to users provided Reader and Acrobat are running with Protected Mode/Protected View enabled.  These affected versions will be addressed in the next quarterly security update for Adobe Reader and Acrobat, planned for January 10, 2012.

Countermeasures: Adobe has released a patch for Adobe Reader and Acrobat 9.x for Windows. These patches should be applied on all affected user systems as quickly as possible. Patching instructions can be found in the Adobe Bulletins linked below.  Furthermore, Gladiator recommends that all financial institutions alert their large commercial customers to this issue, as a compromise of their workstations could lead to financial fraud.

Reference Links:
