IPS Update for Critical Adobe Vulnerabilities in APSB10-15
 |
 |
 |
 |
 |
Introduction
On June 29th Adobe released an accelerated quarterly security update to patch critical vulnerabilities in Adobe Reader and Acrobat that are being exploited in the wild. A remote attacker may exploit these vulnerabilities to take complete control of an affected system.
Products Affected
Products affected are Adobe Reader 9.3.2 and earlier versions for Windows, Macintosh and UNIX and Acrobat 9.3.2 and earlier versions for Windows and Macintosh.
Adobe Reader and Acrobat is a family of computer programs developed by Adobe Systems, designed to view, create, manipulate and manage files in Adobe's core technology, the Portable Document Format (PDF), a format that has become the de facto standard in the electronic document exchange. Adobe Reader isuniversal client software that enables users inside and outside the firewall to interact with electronic documents online or offline. Adobe Reader and Acrobat are widely used by government organizations, corporations, and individuals around the world.
Protection
Adobe has issued patches for these vulnerabilities including CVE-2010-1297 referenced in the Check Point June 7th Security Alert. Check Point recommends applying these patches and the additional Check Point protections in the IPS Software Blade. For more information see CPAI-2010-211 and SBP-2010-22.