Wednesday, November 17, 2010

Security update 9.4.1 Available for Adobe Reader and Acrobat

Adobe shipped a critical security update to its Adobe products on November 16, 2010 that addresses a vulnerability that can cause the application to crash and allow an attacker to take control of the affected system.

Note: To determine the version of any of the above applications, open the Adobe program. Then from the Help menu choose About Adobe, (name of program). You should see the version listed in a new box. Then, you can click anywhere on this box to close it.

The current version of the Adobe Reader and Adobe Acrobat is version 9.4.1.

Action Required: Ag IT recommends that College of Ag Science faculty and staff update any Adobe products to the current version.

Note: Along with applying this update, we also recommend that you follow these steps to Secure Adobe Reader to Prevent Malware once you have your Adobe products updated!!

  1. To update Adobe Reader 9 to the current version, follow our How To Install and Configure Adobe Reader v9 for Windows.

  2. If your computer has Adobe Acrobat Professional v9 installed as well, you should be able to use the built-in Updater program to update the software.
    a) From the Help menu choose Check for Updates.
    b) If updates were found, follow the on-screen steps to update.

    Note: If an update is downloaded, close Adobe before applying the update.
    Then re-open Adobe. Repeat steps a - b until no more updates are available.

    Note: If the automatic updater does not find the latest updates, and your version is not the most current one, go to the Acrobat for Windows downloads page. Scroll down to locate the update for your version. Download and install.

    Note: Earlier versions of Adobe Acrobat Professional (version 8 or lower) will not receive this patch. This updates represent an out-of-cycle release. The next quarterly security updates for Adobe Reader and Acrobat are scheduled for February 8, 2011.

If you have Adobe Reader version 8.x on your computer, you should remove this version and update to Adobe Reader 9.3. See our How To Install and Configure Adobe Reader v9 for Windows.

The Adobe Security bulletin, Security Updates available for Adobe Reader and Acrobat, has additional information and links.

Monday, November 08, 2010

Security Update Released for Adobe Flash Player

On November 4, 2010 Adobe released a Security advisory called Security update available for Adobe Flash Player that announced the availability of an update to their Flash Player 10 software. The advisory states in part:

Summary
Critical vulnerabilities have been identified in Adobe Flash Player version 10.1.85.3 and earlier. These vulnerabilities could cause the application to crash and could potentially allow an attacker to take control of the affected system.

Affected software versions
Adobe Flash Player 10.1.85.3 and earlier versions

Severity rating
Adobe categorizes these as
critical issues and recommends affected users patch their installations.

Action Required: Ag IT recommends that you update the Adobe Flash Player on your Enterprise machine to resolve multiple memory corruption vulnerabilities that could lead to code execution.

For steps, see our How To Install Updates to Adobe Flash Player, http://agsci.psu.edu/it/how-to/install-updates-to-adobe-flash-player.

Note: If you use multiple browsers, perform the check for each browser you have installed on your computer.