ID: IRCNE2011121348
Date: 2011-12-19
According to "techworld", Adobe Systems has released Adobe Reader and Acrobat 9.4.7 in order to patch two vulnerabilities that are being actively exploited in attacks against companies from the defence industry.
One of the security flaws, identified as CVE-2011-2462, was announced on December 6 after Lockheed Martin's Computer Incident Response Team (CIRT) and members of the Defense Security Information Exchange reported it to Adobe.
Symantec confirmed a few days later that the vulnerability had been exploited since the beginning of November in email-based attacks that targeted companies from the telecommunications, manufacturing, computer hardware, chemical and defense industries.
Even though the vulnerabilities also affect the Adobe Reader and Acrobat X (10.x) branch, Adobe decided to postpone updates for these versions until the next scheduled update cycle on January 10.
Updates for Adobe Reader 9.x for Unix will also be released on January 10. Users of the Windows 9.x versions are strongly encouraged to upgrade to Adobe Reader and Acrobat 9.4.7 in order to protect their computers.
Related Link:
Adobe promises Reader zero-day patch on Friday
- 2