Adobe Reader XI (11.0.09) is now available for download

Adobe has released updates for Adobe Reader XI (11.0.09) for Windows and Mac, and Adobe Reader X (10.1.12) for Windows and Mac. These updates address 9 critical-risk vulnerabilities that could cause a crash and potentially allow an attacker to take control of the affected system.

Adobe recommends users update their product installations to the latest versions:
  • Users of Adobe Reader XI (11.0.08) for Windows and Mac should update to Adobe Reader XI (11.0.09).
  • Users of Adobe Reader X (10.1.11) for Windows and Mac should update to Adobe Reader X (10.1.12).

Overview
Adobe Reader is the free global standard for reliably viewing, printing, and commenting on Portable Document Format (PDF) documents with its original appearance preserved. Adobe Reader allows you open and interact with all types of PDF content, including forms and multimedia.

More information about Adobe Reader XI (11.0) available here.

Download Adobe Reader XI (11.0.09):
The links in this section correspond to files available for this download. Download the files appropriate for you.


For Adobe Reader users on Windows can find the appropriate update from Adobe Reader for Windows

For Adobe Reader users on Mac can find the appropriate update from Adobe Reader for Mac

What's new in Adobe Reader XI (11.0.09)?
This update contains the following updates and fixes:

Security fixed:
This build contains the following security fixes:
  • Fixed a use-after-free vulnerability that could lead to code execution (CVE-2014-0560).
  • Fixed a universal cross-site scripting (UXSS) vulnerability in Reader and Acrobat on the Macintosh platform (CVE-2014-0562).
  • Fixed a potential denial-of-service (DoS) vulnerability related to memory corruption (CVE-2014-0563).
  • Fixed a heap overflow vulnerability that could lead to code execution (CVE-2014-0561, CVE-2014-0567).
  • Fixed memory corruption vulnerabilities that could lead to code execution (CVE-2014-0565, CVE-2014-0566).
  • Fixed a sandbox bypass vulnerability that could be exploited to run native code with escalated privileges on Windows (CVE-2014-0568).

References:
Release Notes - Acrobat, Reader
Security Bulletin APSB14-20

No comments: