Affected software versions:
Adobe Reader X (10.1.1) and earlier 10.x versions for Windows and Macintosh
Adobe Reader 9.4.6 and earlier 9.x versions for Windows, Macintosh and UNIX
Adobe Acrobat X (10.1.1) and earlier 10.x versions for Windows and Macintosh
Adobe Acrobat 9.4.6 and earlier 9.x versions for Windows and Macintosh
*Note: Adobe Reader for Android and Adobe Flash Player are not affected by this issue.
Adobe Reader X Protected Mode and Adobe Acrobat X Protected View would prevent an exploit of this kind from executing.
To verify Protected View for Acrobat X is enabled go to:
Edit >Preferences > Security (Enhanced) and ensure “Files from potentially unsafe locations” or “All files” with “Enable Enhanced Security” are checked.
To verify Protected Mode for Adobe Reader X is enabled, go to:
Edit >Preferences >General and verify that “Enable Protected Mode at startup” is checked.
Adobe categorizes this as a critical issue.
We suggest that users apply the latest Security Advisory APSB11-30.