{"id":6805,"date":"2012-04-13T07:20:58","date_gmt":"2012-04-13T14:20:58","guid":{"rendered":"http:\/\/blog.webroot.com\/?p=6805"},"modified":"2016-04-15T14:56:45","modified_gmt":"2016-04-15T20:56:45","slug":"adobe-patches-critical-reader-and-acrobat-security-vulnerabilities","status":"publish","type":"post","link":"https://www.webroot.com/blog/2012\/04\/13\/adobe-patches-critical-reader-and-acrobat-security-vulnerabilities\/","title":{"rendered":"Adobe patches critical Reader and Acrobat security vulnerabilities"},"content":{"rendered":"<p>On Tuesday, Adobe <a href=\"http:\/\/www.adobe.com\/support\/security\/bulletins\/apsb12-08.html\"><strong>released a security bulletin<\/strong><\/a>, warning users of several vulnerabilities which could give a remote attacker access to the targeted PC.<\/p>\n<p>The update affects\u00a0Adobe Reader X (10.1.2) and earlier versions for Windows and Macintosh, Adobe Reader 9.4.6 and earlier 9.x versions for Linux, and Adobe Acrobat X (10.1.2).<\/p>\n<p>More details:<\/p>\n<p><!--more--><\/p>\n<p>The update fixes the following vulnerabilities:<\/p>\n<ul>\n<li><strong><a href=\"http:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2012-0774\">CVE-2012-0774<\/a>\u00a0&#8211;\u00a0<\/strong>These updates resolve an integer overflow in the True Type Font (TTF) handling that could lead to code execution<\/li>\n<li><strong><a href=\"http:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2012-0775\">CVE-2012-0775<\/a>\u00a0&#8211;\u00a0<\/strong>These updates resolve a memory corruption in the JavaScript handling that could lead to code execution<\/li>\n<li><strong><a href=\"https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2012-0776\">CVE-2012-0776<\/a>\u00a0&#8211;\u00a0<\/strong>These updates resolve a security bypass via the Adobe Reader installer that could lead to code execution<\/li>\n<li><strong><a href=\"http:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2012-0777\">CVE-2012-0777<\/a>\u00a0&#8211; <\/strong>These updates resolve a memory corruption in the JavaScript API that could lead to code execution<\/li>\n<\/ul>\n<p>Just how popular are malicious PDFs these days? <a href=\"http:\/\/www.zdnet.com\/blog\/security\/report-malicious-pdf-files-becoming-the-attack-vector-of-choice\/8255\"><strong>According to multiple reports<\/strong><\/a>,\u00a0malicious PDF files outpace the distribution of related <a href=\"http:\/\/www.zdnet.com\/blog\/security\/report-zeus-crimeware-kit-malicious-pdfs-drive-growth-of-cybercrime\/6257?tag=content;siu-container\"><strong>malicious attachments used in targeted attacks<\/strong><\/a>, and currently represent the attack vector of choice for malicious attackers compared to media, help files, HTMLs and executables.<\/p>\n<p>Webroot advises end and corporate users to apply the Adobe updates\u00a0immediately.<\/p>\n<p><em>You can find more about Dancho Danchev at his\u00a0<strong><a href=\"http:\/\/nl.linkedin.com\/in\/danchodanchev\">LinkedIn Profile<\/a><\/strong>. You can also\u00a0<strong><a href=\"http:\/\/www.twitter.com\/danchodanchev\">follow him on \u00a0Twitter<\/a><\/strong>.<\/em><\/p>\n","protected":false},"excerpt":{"rendered":"<p>On Tuesday, Adobe released a security bulletin, warning users of several vulnerabilities which could give a remote attacker access to the targeted PC. The update affects\u00a0Adobe Reader X (10.1.2) and earlier versions for Windows and Macintosh, Adobe Reader 9.4.6 and earlier 9.x versions for Linux, and Adobe Acrobat X (10.1.2). More details:<\/p>\n","protected":false},"author":65,"featured_media":17048,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[3005],"tags":[],"yst_prominent_words":[4037,4997,4787,9227,10535,7081,10527,10521,10541,10525,6987,10543,10537,10531,6517,10533,10529,10523,3471,10539],"acf":[],"_links":{"self":[{"href":"https://www.webroot.com/blog/wp-json\/wp\/v2\/posts\/6805"}],"collection":[{"href":"https://www.webroot.com/blog/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https://www.webroot.com/blog/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https://www.webroot.com/blog/wp-json\/wp\/v2\/users\/65"}],"replies":[{"embeddable":true,"href":"https://www.webroot.com/blog/wp-json\/wp\/v2\/comments?post=6805"}],"version-history":[{"count":1,"href":"https://www.webroot.com/blog/wp-json\/wp\/v2\/posts\/6805\/revisions"}],"predecessor-version":[{"id":19181,"href":"https://www.webroot.com/blog/wp-json\/wp\/v2\/posts\/6805\/revisions\/19181"}],"wp:featuredmedia":[{"embeddable":true,"href":"https://www.webroot.com/blog/wp-json\/wp\/v2\/media\/17048"}],"wp:attachment":[{"href":"https://www.webroot.com/blog/wp-json\/wp\/v2\/media?parent=6805"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https://www.webroot.com/blog/wp-json\/wp\/v2\/categories?post=6805"},{"taxonomy":"post_tag","embeddable":true,"href":"https://www.webroot.com/blog/wp-json\/wp\/v2\/tags?post=6805"},{"taxonomy":"yst_prominent_words","embeddable":true,"href":"https://www.webroot.com/blog/wp-json\/wp\/v2\/yst_prominent_words?post=6805"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}