Adobe recommends users of Adobe Reader X (10.1) and earlier versions for Windows and MAC OS update to Adobe Reader X (10.1.1), and users of Adobe Acrobat X (10.1) for Windows and Macintosh update to Adobe Acrobat X (10.1.1).
Affected software versions
- Adobe Reader X (10.1) and earlier 10.x versions for Windows and Macintosh.
- Adobe Reader 9.4.5 and earlier 9.x versions for Windows, Macintosh and UNIX.
- Adobe Reader 8.3 and earlier 8.x versions for Windows and Macintosh.
- Adobe Acrobat X (10.1) and earlier 10.x versions for Windows and Macintosh.
- Adobe Acrobat 9.4.5 and earlier 9.x versions for Windows and Macintosh.
- Adobe Acrobat 8.3 and earlier 8.x versions for Windows and Macintosh.
How to update Adobe Reader 10.1.1:
Users on Windows and Macintosh can utilize the product's update mechanism. The default configuration is set to run automatic update checks on a regular schedule. Update checks can be manually activated by choosing Help > Check for Updates.
Download Adobe Reader 10.1.1:
New users on Windows can download Adobe Reader 10.1.1 from website listed below:
For Adobe Reader users on Macintosh can also find the appropriate update from Adobe Reader for Macintosh
What's new in Adobe Reader 10.1.1:
Adobe Reader 10.1.1 contains fixes the following security issues:
- Resolve a local privilege-escalation vulnerability (Adobe Reader X (10.x) on Windows only) (CVE-2011-1353).
- Resolve a security bypass vulnerability that could lead to code execution (CVE-2011-2431).
- Resolve a buffer overflow vulnerability in the U3D TIFF Resource that could lead to code execution (CVE-2011-2432).
- Resolve a heap overflow vulnerability that could lead to code execution (CVE-2011-2433).
- Resolve a heap overflow vulnerability that could lead to code execution (CVE-2011-2434).
- Resolve an buffer overflow vulnerability that could lead to code execution (CVE-2011-2435).
- Resolve a heap overflow vulnerability in the Adobe image parsing library that could lead to code execution (CVE-2011-2436).
- Resolve a heap overflow vulnerability that could lead to code execution (CVE-2011-2437).
- Resolve three stack overflow vulnerabilities in the Adobe image parsing library that could lead to code execution (CVE-2011-2438).
- Resolve a memory leakage condition vulnerability that could lead to code execution (CVE-2011-2439).
- Resolve a use-after-free vulnerability that could lead to code execution (CVE-2011-2440).
- Resolve two stack overflow vulnerabilities in the CoolType.dll library that could lead to code execution (CVE-2011-2441).
- Resolve a logic error vulnerability that could lead to code execution (CVE-2011-2442).
Source: Adobe - Security bulletin (apsb11-24)
No comments:
Post a Comment