Adobe Reader and Acrobat Security Updates
Adobe released important security updates for Adobe Reader X (10.0.2) and earlier 10.x and 9.x versions for Windows and Macintosh OS. The bulletin is posted here.
"CVE-2011-0611, is being actively exploited in the wild against both Adobe Flash Player, and Adobe Reader and Acrobat, as well as via a Flash (.swf) file embedded in a Microsoft Word (.doc) or Microsoft Excel (.xls) file delivered as an email attachment targeting the Windows platform. Adobe Reader X Protected Mode mitigations would prevent an exploit of this kind from executing."[1]
Affected software:
Adobe Reader X (10.0.1) and earlier versions for Windows
Adobe Reader X (10.0.2) and earlier versions for Macintosh
Adobe Acrobat X (10.0.2) and earlier versions for Windows and Macintosh
NOTE: Adobe Reader 9.x for UNIX, Adobe Reader for Android, and Adobe Reader and Acrobat 8.x are not affected by CVE-2011-0611.
[1] http://www.adobe.com/support/security/bulletins/apsb11-08.html
-----------
Guy Bruneau IPSS Inc. gbruneau at isc dot sans dot edu
Silverlight Update Available
Microsoft has issued a security patch for Silverlight KB2526954. It fixes six issues. However, the Microsoft link to KB2526954 is still not live. If you have Microsoft update running, it is ready to install. This is rated as important and will auto install.
Direct download http://go.microsoft.com/fwlink/?LinkID=149156
Update 1: Microsoft bulletin is now posted here.
[1] http://www.microsoft.com/getsilverlight/Get-Started/Install/Default.aspx
[2] http://support.microsoft.com/kb/2526954
-----------
Guy Bruneau IPSS Inc. gbruneau at isc dot sans dot edu
Comments