JPCERT-AT-2017-0014 JPCERT/CC 2017-04-12 <<< JPCERT/CC Alert 2017-04-12 >>> Alert Regarding Vulnerabilities in Adobe Reader and Acrobat (APSB17-11) https://www.jpcert.or.jp/english/at/2017/at170014.html I. Overview Multiple vulnerabilities exist in Adobe Acrobat Reader, a PDF file viewing software, and Adobe Acrobat, a PDF file creation and conversion software. As a result, a remote attacker may terminate Adobe Reader and Acrobat, or execute arbitrary code by convincing a user to open contents leveraging the vulnerabilities. For more information, please refer to the Adobe website. Security Updates Available for Adobe Acrobat and Reader https://helpx.adobe.com/security/products/acrobat/apsb17-11.html II. Affected Products Affected products and versions are as follows: - Adobe Acrobat Reader DC Continuous (15.023.20070) and earlier - Adobe Acrobat Reader DC Classic (15.006.30280) and earlier - Adobe Acrobat DC Continuous (15.023.20070) and earlier - Adobe Acrobat DC Classic (15.006.30280) and earlier - Adobe Acrobat XI (11.0.19) and earlier - Adobe Reader XI (11.0.19) and earlier III. Solution Please update Adobe Reader and Acrobat to the latest version listed below. - Adobe Acrobat Reader DC Continuous (2017.009.20044) - Adobe Acrobat Reader DC Classic (2015.006.30306) - Adobe Acrobat DC Continuous (2017.009.20044) - Adobe Acrobat DC Classic (2015.006.30306) - Adobe Acrobat XI (11.0.20) - Adobe Reader XI (11.0.20) Acrobat will be updated by starting the product, selecting the menu "Help (H)", and then clicking "Check for Updates (U)". If an update from the menu is not available, please download the latest Adobe Reader and Acrobat from the following URL. For more information, please refer to the Adobe website. Adobe.com - New downloads https://www.adobe.com/support/downloads/new.jsp IV. References Adobe Systems Incorporated Security Updates Available for Adobe Acrobat and Reader https://helpx.adobe.com/security/products/acrobat/apsb17-11.html Adobe Systems Incorporated Security Bulletins Posted https://blogs.adobe.com/psirt/?p=1457 If you have any information regarding this alert, please contact JPCERT/CC. ====================================================================== JPCERT Coordination Center (JPCERT/CC) MAIL: info@jpcert.or.jp TEL: +81-3-3518-4600 FAX: +81-3-3518-4602 https://www.jpcert.or.jp/english/