
June 2010 Security Patch Advisory for Adobe Reader and Acrobat

Vulnerability identifier: Adobe security advisory APSB10-15 - a.k.a. CVE-2010-1297

On June 29, 2010, Adobe is planning to release updates for Adobe Reader 9.3.2 for Windows, Macintosh and UNIX, Adobe Acrobat 9.3.2 for Windows and Macintosh, and Adobe Reader 8.2.2 and Acrobat 8.2.2 for Windows and Macintosh to resolve critical security issues in the authplay.dll component that ships with Adobe Reader and Acrobat 9.x for Windows, Macintosh and UNIX operating systems. The vulnerability has been known since June 4 and is being exploited in the wild.

According to the advisory, "the June 29, 2010 updates represent an accelerated release of the next quarterly security update originally scheduled for July 13, 2010. With this accelerated schedule, Adobe will not release additional updates for Adobe Reader and Acrobat on July 13, 2010."

UPDATE: June 29, 2010

As scheduled, Adobe has released patched versions 9.3.3 and 8.2.3 of Acrobat and Reader, its PDF products. 17 vulnerabilities were fixed in this update, including one zero-day flaw that has been exploited in the wild. I applied this update to my XP SP 3 computer and it required a reboot to complete; your computer may also require a restart, depending on the OS. Be prepared to save any work in progress and reboot after you receive this update, whether manually or automatically.

Adobe warned about that vulnerability, which also affected Flash Player, on June 4, 2010, and plugged the hole in Flash on June 10. If you haven't updated Flash for all of your browsers, do so now, at http://www.adobe.com/go/EN_US-H-GET-FLASH, or from http://get.adobe.com/flashplayer/.

If you are currently using the latest version of Adobe Reader or Acrobat, you should have automatic checking for updates and notification of availability turned on by default, unless you purposely turned this safety feature off. That means that when the check for updates is run after these updates are pushed out, you will be notified about their availability and can download the update. If you set your Updates preference to automatically download and install the updates, this will happen automatically, in the background. This could be the same day, or the next day, depending on what time your Adobe Reader checks for updates. You can also run a manual check for updates, via the Help menu > Check for Updates.

You can set or reset your preferences for Adobe Reader and Acrobat update checking via Edit > Preferences > Updater. I recommend "Automatically Install Updates." Note that you must use Administrator credentials to check for and apply updates to Adobe Reader and Acrobat. This can be done from a less privileged account by right-clicking on the desktop or Start Menu icon for Adobe Reader/Acrobat and choosing "Run As" (Administrator).

If you are running Ubuntu or Debian Linux, you must update Adobe Reader via the Updates Manager, found under the Menu item: Administration. An Administrator password is required to check for and install updates.

Please apply the security update to all PCs running Adobe Reader and/or Acrobat, as the vulnerability is critical and, if exploited, may lead to complete takeover of unpatched PCs. From that point on, anything goes.
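For anyone responsible for more than one PC, the check above can be run over a software inventory. The following is an added example, not code from Adobe or from this blog: it flags Reader/Acrobat installs below the fixed versions named in this post (9.3.3 and 8.2.3). The CSV layout, hostnames and status labels are assumptions made for illustration.

```python
import csv
import io

# Fixed versions per major branch, taken from the post above (9.3.3 and 8.2.3).
FIXED = {9: (9, 3, 3), 8: (8, 2, 3)}
PRODUCTS = {"adobe reader", "adobe acrobat"}

# Constructed sample inventory (hosts and rows are made up for this example).
SAMPLE_INVENTORY = """host,product,version
ws-001,Adobe Reader,9.3.2
ws-002,Adobe Reader,9.3.3
ws-003,Adobe Acrobat,8.2.2
ws-004,Adobe Reader,9.3.3.177
ws-005,Adobe Reader,7.1.0
ws-006,Adobe Acrobat,unknown
ws-007,Mozilla Firefox,3.6.4
"""

def parse_version(text):
    """Return the version as a tuple of ints, or None if not dotted-numeric."""
    parts = text.strip().split(".")
    if not all(p.isdigit() for p in parts):
        return None
    return tuple(int(p) for p in parts)

def classify(product, version):
    """Return 'patched', 'needs_update', 'unknown', or None if unrelated."""
    if product.strip().lower() not in PRODUCTS:
        return None
    parsed = parse_version(version)
    if parsed is None or parsed[0] not in FIXED:
        return "unknown"  # unparseable, or a branch this post does not cover
    # Pad to three components so "9.3" compares as 9.3.0.
    padded = parsed + (0,) * (3 - len(parsed))
    return "patched" if padded >= FIXED[parsed[0]] else "needs_update"

def triage(inventory_csv):
    """Group hosts by status, skipping rows for unrelated products."""
    result = {"patched": [], "needs_update": [], "unknown": []}
    for row in csv.DictReader(io.StringIO(inventory_csv)):
        status = classify(row["product"], row["version"])
        if status:
            result[status].append(row["host"])
    return result

if __name__ == "__main__":
    for status, hosts in triage(SAMPLE_INVENTORY).items():
        print(f"{status}: {', '.join(hosts) or '-'}")
```

Hosts reported as "unknown" need a manual look, since their version string could not be compared against either fixed release.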


Creative Commons License This weblog is licensed under a Creative Commons License.
The content on this blog may be reprinted provided you do not modify the content and that you give credit to Wizcrafts and provide a link back to the blog home page, or individual blog articles you wish to reprint. Commercial use, or derivative work requires written permission from the author.

About the author
Wiz's Blog is written by Bob "Wiz" Feinberg, an experienced freelance computer consultant, troubleshooter and webmaster. Wiz's specialty is in computer and website security and combating spam. Wizcrafts Computer Services was established in 1996.
