US-CERT: United States Computer Emergency Readiness Team
Cyber Security Alert SA08-043A
Adobe Reader and Acrobat Vulnerabilities
Original release date: February 12, 2008Last revised: May 9, 2008
Source: US-CERT
Systems Affected
- Adobe Reader 8.1.1 and earlier
- Adobe Acrobat Professional, 3D, and Standard 8.1.1 and earlier
Overview
Adobe Reader and Adobe Acrobat are affected by multiple vulnerabilities. Adobe has released Security bulletin APSB08-13 to address these vulnerabilities, the most serious of which may allow a remote attacker to take control of your computer.
Solution
Upgrade
Upgrade to Adobe Reader and Adobe Acrobat 8.1.2 as described in Adobe Security bulletin APSB08-13.
Description
Adobe Reader and Acrobat products are affected by multiple vulnerabilities. These vulnerabilities could allow an attacker to run malicious programs on your computer, crash your computer, or access your data. An attacker could exploit some of these vulnerabilities by convincing you to visit a web site that links to a specially crafted Portable Document Format (PDF) file.
At least one of these vulnerabilities is being actively exploited. The SANS Internet Storm Center Handler's Diary contains more information.
For more technical information, see US-CERT Technical Alert TA08-043A.
References
- US-CERT Technical Cyber Security Alert TA08-043A - <http://www.us-cert.gov/cas/techalerts/TA08-043A.html>
- US-CERT Vulnerability Notes for Adobe Security bulletin APSB08-13 - <http://www.kb.cert.org/vuls/byid?searchview&query=APSA08-01>
- Securing Your Web Browser - <http://www.us-cert.gov/reading_room/securing_browser/>
Feedback can be directed to US-CERT.
Produced 2008 by US-CERT, a government organization. Terms of use
Revision History
February 12, 2008: Initial release
May 9, 2008: Added Adobe Security bulletin apsb08-13
Get Adobe Reader