CyTRAP Labs’ reminder - 2008-05-08 - Adobe Reader AND Adobe Acrobat - critical update
| Adobe has issued an important security patch for its Adobe Reader and Adobe Acrobat that fixes several critical vulnerabilities (Please click on the link, choose Login as guest - click on this link again and voila free access) |
| If you have default Update installed with the program, the latest version should be downloadd automatically next time you log onto the internet (for more details see below) |
This vulnerabilitiy exposes you to a risk that we rate as follows:
| CyTRAP Labs security risk barometer - 4 = critical |
||||
| low | elevated | moderate- ly critical | critical | severe |
| 1 | 2 | 3 | 4 | 5 |
CyTRAP Labs security risk barometer
WHAT CAN YOU DO?
| operating system affected |
|
| affected software |
Hence, start your Adobe Reader or Adoba Acrobat on your PC go to Help > Update check |
| risk | rating given for these vulnerabilities is a 4 (four) |
| where is the patch? | depending upon the operating system you run:
for Windows, you need admin rights to install the patch! |
| what should one do? | The Software Update preference pane is set to automatically check by default if you have the latest version installed.Hence, once you go onto the internet, the latest version should be downloaded automatically, if you are not sure, read below we tell you how to check and download manually if need be - quick and easy. |
| how can I check that I do have the latest version installed | click UPDATES in Adobe Reader or Adobe Acrobat from the Help menu this shows which version runs on your machineAdobe recommends users of - Acrobat 8 and Adobe Reader install 8.1.2 update and - Acrobat 7 install the 7.1.0 updateDetails and all downloads available here |
| not patching the vulnerability could cause what kind of damage to my PC? DO NOT OPEN IMAGES, MOVIES, ETC. from untrusted sources | 1 could be exploited by unauthorized attacker enabling him or her to execute arbitary commands on your machine2 more nasty things… |
| where can one get more details from the vendor? | vendor Adobe has issued a security bulletin APSB08-13 |
| where can you get more technical information about the vulnerabilities | CVE-2008-0667, CVE-2007-5666, CVE-2007-5659, CVE-2007-5663, CVE-2008-0726, CVE-2008-0655, CVE-2008-2042, CVE-2007-4768, |
| release date from vendor | 2008-05-06 - Evening - Pacific Standard Time |
| why is this a reminder and not an alert? | security alert or reminder - that’s the question |
| did CASEScontact.org release an advisory about this earlier? | No we did not because it was not a case whereby the code was being exploited by hackers while spreading via the Internet |
| did CASEScontact.org release a zero-day advisory | NO we did not issue a zero-day advisory see also patched zero-day archive) |
============>
- Please make sure that your PC is patched - thank you.
| If this post was helpful to you, please consider stumbling it or Digg this WinCurity post from CyTRAP Labs. | |
| Also of interest: | |
| Archive for the ‘CyTRAP Labs - reminder’ Category |
CyTRAP Labs reminder - 2007-12-20 - Adobe Flashplayer - critical update |
| the mission of ComMetrics | CyTRAP Labs Choice - free tool - PDF reader - do not open files in browser window - help with Firefox |
60% OF THIS ITEM’S READERS SUBSCRIBED ALREADY
CyTRAP Labs invites you to get info about zero-day exploits, tools, benchmarking and regulatory intell. BETTER, just become one of our readers by subscribing right now to one or more of our highly acclaimed services.
admin rights, Adobe Acrobat, Adobe Reader, adobe reader 7, adobe reader 8, APSB08 13, CVE 2007 4768, cve 2007 5659, cve 2007 5663, cve 2007 5666, cve 2008 0655, cve 2008 0667, cve 2008 0726, cve 2008 2042, CyTRAP Labs reminder, risk rating, security patch, software update, vulnerability
