Two security vulnerabilites with potential exploits, reported as CVE-2009-1492 and CVE-2009-1493, were resolved.
ratingAdobe categorizes this as a critical update and recommends that users apply the update for their product installations.
DetailsA critical vulnerability has been identified in Adobe Reader 9.1 and Acrobat 9.1 and earlier versions. This vulnerability (CVE-2009-1492) would cause the application to crash and could potentially allow an attacker to take control of the affected system. A second vulnerability has also been reported that appears to affect Adobe Reader for UNIX only (CVE-2009-1493). These issues are remotely exploitable.
Adobe recommends users of Acrobat and Adobe Reader update their product installations to versions 9.1.1 (Windows, UNIX, Macintosh), 8.1.5 (Windows, UNIX, Macintosh), or 7.1.2 (Windows, UNIX) using the instructions above to protect themselves from potential vulnerabilities. Adobe expects to make available the updates for Macintosh only versions for Adobe Reader 7 and Acrobat 7 before the end of June. This document will be updated to specify the expected date of the Macintosh version 7 updates once available. |