Critical Vulnerabilities in Adobe Reader and Acrobat Products

(APSB10-09, CVE-2010-0192, CVE-2010-0194, CVE-2010-0195, CVE-2010-0196, CVE-2010-0197, CVE-2010-1241)

Introduction

On April 13, 2010 Adobe released a quarterly security update for Adobe Reader and Acrobat to address critical vulnerabilities that have been identified in the way multiple versions of Adobe Reader and Acrobat process malformed PDF files. Exploitation of these vulnerabilities could lead to arbitrary code execution.

Products Affected

Products affected are Adobe Reader 9.3.1 (and earlier versions) for Windows, Macintosh and UNIX, Adobe Acrobat 9.3.1 (and earlier versions) for Windows and Macintosh, and Adobe Reader 8.2.1 (and earlier versions) and Acrobat 8.2.1 (and earlier versions) for Windows and Macintosh. These vulnerabilities could potentially allow an attacker to take control of the affected system.

Adobe Reader and Acrobat is a family of computer programs developed by Adobe Systems, designed to view, create, manipulate and manage files in Adobe's core technology, the Portable Document Format (PDF), a format that has become the de facto standard in the electronic document exchange. Adobe Reader is universal client software that enables users inside and outside the firewall to interact with electronic documents online or offline. Adobe Reader and Acrobat are widely used by govern­ment organizations, corporations, and individuals around the world.

Vulnerabilities and Protections

Adobe has issued patches for these vulnerabilities as part of a quarterly security update. Check Point recommends applying these patches and the additional Check Point protections referenced below. The Check Point IPS Software Blade detects and blocks attempts to transfer malformed PDF files.