404 Tech Support

Where IT Help is Found

You are here: Home / Articles / Security and Privacy / Adobe Releases Updates for Adobe Acrobat and Reader

Adobe Releases Updates for Adobe Acrobat and Reader

by

Adobe has released version 10.1.1 to address critical vulnerabilities in Adobe Acrobat and Adobe Reader. Today’s updates also include version 9.4.6 and 8.3.1 for previous versions. Adobe Acrobat 8 and Reader 8 will stop being supported November 3rd.

The Security Bulletin partnered with this release details the vulnerabilities addressed with today’s update:

These updates resolve a local privilege-escalation vulnerability (Adobe Reader X (10.x) on Windows only) (CVE-2011-1353).

These updates resolve a security bypass vulnerability that could lead to code execution (CVE-2011-2431).

These updates resolve a buffer overflow vulnerability in the U3D TIFF Resource that could lead to code execution (CVE-2011-2432).

These updates resolve a heap overflow vulnerability that could lead to code execution (CVE-2011-2433).

These updates resolve a heap overflow vulnerability that could lead to code execution (CVE-2011-2434).

These updates resolve an buffer overflow vulnerability that could lead to code execution (CVE-2011-2435).

These updates resolve a heap overflow vulnerability in the Adobe image parsing library that could lead to code execution (CVE-2011-2436).

These updates resolve a heap overflow vulnerability that could lead to code execution (CVE-2011-2437).

These updates resolve three stack overflow vulnerabilities in the Adobe image parsing library that could lead to code execution (CVE-2011-2438).

These updates resolve a memory leakage condition vulnerability that could lead to code execution (CVE-2011-2439).

These updates resolve a use-after-free vulnerability that could lead to code execution (CVE-2011-2440).

These updates resolve two stack overflow vulnerabilities in the CoolType.dll library that could lead to code execution (CVE-2011-2441).

These updates resolve a logic error vulnerability that could lead to code execution (CVE-2011-2442).

These updates also incorporate the Adobe Flash Player updates as noted in Security Bulletin APSB11-21.

You can download the Adobe Reader 10.1.1 setup.exe and the Acrobat 10.1.1 .msp update from the Adobe FTP server.

The next quarterly security updates for Adobe Reader and Acrobat are currently scheduled for December 13, 2011.

Elevator Pitch

404 Tech Support documents solutions to IT problems, shares worthwhile software and websites, and reviews hardware, consumer electronics, and technology-related books.

Subscribe to 404TS articles by email.

Recent Posts

FTC Disclaimer

404TechSupport is an Amazon.com affiliate; when you click on an Amazon link from 404TS, the site gets a cut of the proceeds from whatever you buy. This site also uses Skimlinks for smart monetization of other affiliate links.
Use of this site requires displaying and viewing ads as they are presented.