Adobe Reader XI (11.0.07) Now Available for Download

Adobe has released updates for Adobe Reader XI (11.0.07) for Windows and Mac, and Adobe Reader X (10.1.10) for Windows and Mac. These updates address 11 critical-risk vulnerabilities that could cause a crash and potentially allow an attacker to take control of the affected system.

Adobe recommends users update their product installations to the latest versions:
  • Users of Adobe Reader XI (11.0.06) for Windows and Mac should update to Adobe Reader XI (11.0.07).
  • Users of Adobe Reader X (10.1.9) for Windows and Mac should update to Adobe Reader X (10.1.10).


Overview
Adobe Reader is the free global standard for reliably viewing, printing, and commenting on Portable Document Format (PDF) documents with its original appearance preserved. Adobe Reader allows you open and interact with all types of PDF content, including forms and multimedia.

More information about Adobe Reader XI (11.0) available here.

Download Adobe Reader XI (11.0.07):
The links in this section correspond to files available for this download. Download the files appropriate for you.

For Adobe Reader users on Windows can find the appropriate update from Adobe Reader for Windows

For Adobe Reader users on Mac can find the appropriate update from Adobe Reader for Mac

What's new in Adobe Reader XI (11.0.07)?
This update contains the following updates and fixes:

Security fixed:
This build contains the following security fixes:
  • Fixed a heap overflow vulnerability that could lead to code execution (CVE-2014-0511).
  • Fixed an input validation error that could lead to a security bypass (CVE-2014-0512).
  • Fixed a vulnerability in the implementation of Javascript APIs that could lead to information disclosure (CVE-2014-0521).
  • Fixed memory corruption vulnerabilities that could lead to code execution (CVE-2014-0522, CVE-2014-0523, CVE-2014-0524, CVE-2014-0526).
  • Fixed a vulnerability in the way Reader handles certain API calls to unmapped memory that could lead to code execution (CVE-2014-0525).
  • Fixed a use-after-free vulnerability that could lead to code execution (CVE-2014-0527).
  • Fixed a double-free vulnerability that could lead to code execution (CVE-2014-0528).
  • Fixed a buffer overflow vulnerability that could lead to code execution (CVE-2014-0529).

References:
Release Notes - Acrobat, Reader
Security Bulletin APSB14-15

No comments: