Adobe Reader 9.3.4 / Adobe Acrobat 9.3.4

Adobe Systemsが今月初旬発表した、Adobe Reader/Adobe Acrobatに発見された脆弱性を修正するためのセキュリティアップデート版 9.3.4 をそれぞれ公開しました。旧8.x系統についても同様のアップデートがあるようですがここでは省略。

Windows/Mac/Linux全プラットフォーム対象。
セキュリティ脆弱性のあるAdobe Reader/Acrobat 9.3.3以前のバージョンをインストールしている方は、最新バージョンへアップデートするよう推奨しています。

SUMMARY

Critical vulnerabilities have been identified in Adobe Reader 9.3.3 (and earlier versions) for Windows, Macintosh and UNIX, Adobe Acrobat 9.3.3 (and earlier versions) for Windows and Macintosh, and Adobe Reader 8.2.3 (and earlier versions) and Adobe Acrobat 8.2.3 (and earlier versions) for Windows and Macintosh. These vulnerabilities could cause the application to crash and could potentially allow an attacker to take control of the affected system.

These updates address CVE-2010-2862, which was discussed at the Black Hat USA 2010 security conference on Wednesday, July 28, 2010. They also incorporate the Adobe Flash Player update as noted in Security Bulletin APSB10-16.

Adobe recommends users of Adobe Reader 9.3.3 and earlier versions for Windows, Macintosh and UNIX update to Adobe Reader 9.3.4. (For Adobe Reader users on Windows and Macintosh, who cannot update to Adobe Reader 9.3.4, Adobe has provided the Adobe Reader 8.2.4 update.) Adobe recommends users of Adobe Acrobat 9.3.3 and earlier versions for Windows and Macintosh update to Adobe Acrobat 9.3.4. Adobe recommends users of Adobe Acrobat 8.2.3 and earlier versions for Windows and Macintosh update to Adobe Acrobat 8.2.4.

Note that today's updates mentioned in this bulletin represent an out-of-cycle release. The next quarterly security updates for Adobe Reader and Acrobat is scheduled for October 12, 2010.

▼Adobe PSIRT Blog - Security Updates released for Adobe Reader and Acrobat
▼Adobe - Security updates available for Adobe Reader and Acrobat