Adobe has released updates for Reader and Acrobat to address multiple vulnerabilities affecting the following software versions:
- Adobe Reader X (10.0) and earlier versions for Windows and Macintosh
- Adobe Reader 9.4.1 and earlier versions for Windows, Macintosh, and Unix
- Adobe Acrobat x (10.0) and earlier versions for Windows and Macintosh
Exploitation of these vulnerabilities may allow an attacker to execute arbitrary code, cause a denial-of-service condition, operate with escalated privileges, or conduct cross-site scripting attacks.
At this time, updates are available for the Windows platform. Adobe indicates that it plans to release updates for Macintosh and Unix the week of February 28, 2011.
US-CERT encourages Windows users and administrators to review Adobe Security Bulletin APSB11-03 and apply any necessary updates to help mitigate the risks. Macintosh and Unix users and administrators should apply any necessary updates when they become available from the vendor.
US-CERT will provide additional information as it becomes available.
This product is provided subject to this Notification and this Privacy & Use policy.