The company issued a critical security advisoryand confirmed the flaw affects multiple operating systems and various versions of its software, though using the latest release in Protected Mode or Protective View reportedly prevents the vulnerability from being exploited.
"This vulnerability (CVE-2011-2462) could cause a crash and potentially allow an attacker to take control of the affected system," Adobe said in its security advisory. The affected software and operating systems are:
• Reader X 10.1.1 and earlier 10.x versions for Windows and Apple OS X
• Reader 9.4.6 and earlier 9.x versions for Windows, Apple OS X and Unix
• Acrobat X 10.1.1 and earlier 10.x versions for Windows and Apple OS X
• Acrobat 9.4.6 and earlier 9.x versions for Windows and Apple OS X
Adobe was also keen to point out its Reader for Android and Adobe Flash player are not affected. The firm plans to update Windows versions of its 9.x software by no later than the week ending December 12. All other affected versions will receive a patch by January 10, 2012.
Those using Adobe's Reader X and Acrobat X versions are advised to either avoid opening unknown files or use protected mode or protected to access them if necessary until the patch is available in the New Year.
The company was recently in the news at the beginning of November after revealing its shock decision to terminate further development of Flash for mobile browsers. Instead, it will focus solely on HTML5 and other web technologies.
No comments:
Post a Comment