Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2013.0206 Security Advisory for Adobe Reader and Acrobat 14 February 2013 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: Adobe Reader and Acrobat Publisher: Adobe Operating System: Windows Linux variants OS X Impact/Access: Execute Arbitrary Code/Commands -- Remote with User Interaction Denial of Service -- Remote with User Interaction Resolution: Mitigation CVE Names: CVE-2013-0641 CVE-2013-0640 Original Bulletin: http://www.adobe.com/support/security/advisories/apsa13-02.html Comment: There are reports that these vulnerabilities are being exploited in the wild. Adobe have not yet provided patches to solve these vulnerabilities but they have given possible mitigations. This bulletin will be updated when patches are made available. - --------------------------BEGIN INCLUDED TEXT-------------------- Security Advisory for Adobe Reader and Acrobat Release date: February 13, 2012 Vulnerability identifier: APSA13-02 CVE number: CVE-2013-0640, CVE-2013-0641 Platform: Windows and Macintosh Summary Adobe has identified critical vulnerabilities (CVE-2013-0640, CVE-2013-0641) in Adobe Reader and Acrobat XI (11.0.01 and earlier), X (10.1.5 and earlier) and 9.5.3 and earlier for Windows and Macintosh. These vulnerabilities could cause the application to crash and potentially allow an attacker to take control of the affected system. Adobe is aware of reports that these vulnerabilities are being exploited in the wild in targeted attacks designed to trick Windows users into clicking on a malicious PDF file delivered in an email message. Adobe is in the process of working on a fix for these issues and will update this advisory when a date for the fix has been determined. Affected software versions Adobe Reader XI (11.0.01 and earlier) for Windows and Macintosh Adobe Reader X (10.1.5 and earlier) for Windows and Macintosh Adobe Reader 9.5.3 and earlier 9.x versions for Windows and Macintosh Adobe Acrobat XI (11.0.01 and earlier) for Windows and Macintosh Adobe Acrobat X (10.1.5 and earlier) for Windows and Macintosh Adobe Acrobat 9.5.3 and earlier 9.x versions for Windows and Macintosh Mitigations Users of Adobe Reader XI and Acrobat XI for Windows can protect themselves from this exploit by enabling Protected View. To enable this setting, choose the "Files from potentially unsafe locations" option under the Edit > Preferences > Security (Enhanced) menu. Enterprise administrators can protect Windows users across their organization by enabling Protected View in the registry and propagating that setting via GPO or any other method. Further information about enabling Protected View for the enterprise is available here. Details Adobe has identified critical vulnerabilities (CVE-2013-0640, CVE-2013-0641) in Adobe Reader and Acrobat XI (11.0.01 and earlier), X (10.1.5 and earlier) and 9.5.3 and earlier for Windows and Macintosh. These vulnerabilities could cause the application to crash and potentially allow an attacker to take control of the affected system. Adobe is aware of reports that these vulnerabilities are being exploited in the wild in targeted attacks designed to trick Windows users into clicking on a malicious PDF file delivered in an email message. Adobe is in the process of working on a fix for these issues and will update this advisory when a date for the fix has been determined. Users may monitor the latest information on the Adobe Product Security Incident Response Team blog at http://blogs.adobe.com/psirt or by subscribing to the RSS feed at http://blogs.adobe.com/psirt/atom.xml. Adobe actively shares information about this and other vulnerabilities with partners in the security community to enable them to quickly develop detection and quarantine methods to protect users until a patch is available. As always, Adobe recommends that users follow security best practices by keeping their anti-malware software and definitions up to date. - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: http://www.auscert.org.au/render.html?cid=1980 =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQIVAwUBURyBQu4yVqjM2NGpAQI/fBAAu3etCehvBByR87m92dk+S8nvdWU3FpwK pQZgU94MpNwef4LcTwDqpCySyW7oBtUn6aST+DqSKdfvNLvuWEh0iznF2sLEHWCV KNBJaAzAAz9v/AKtrJRMTjHI5b4jZMFtJXThpCwTOFqLkTG3551SlMuZzUmSQk68 9ft3aqgzPQN5HRMTQmyRSwtnZUxgxPs9Ut5CJSMWX0B0l0N+1ToDSEEq6k1Jv9B9 XzUdFBIbtCnB/MCAlGeo+df2jzFoV/iDt5XldxMfJdqSQ1RXZEmFYIDHT31ssWs1 /MOV+kuCPM+FlOAT4RW4dqYsn6UjaJXSLXz/sYuO9G0hcrBOEpfGD26l8P2vUdoU wAJptstEh9SlqZ0mVapYow6ENxsSfA8UdeBqlP1vNbLOT2WEgv7Yb6c/d16ylZL5 AAOP5xPX/wmDHCs976/YdVLg+BWyO/FLL79GHXYvhyZOORl3X/fg1EgxypXodm+H x3VujLYs4pnmZG395ggFFUkzTIxe9qI+EkZFAoM7PInpL+g1Bw7UclpK4uaz1Sei /MXLdG7w2ITs7J4jROzMgzGNlmyYydM02kp7TsdkM7WFtPzDuGks2T83XfQA58Xg j/sQF0d6CUqSVXtiHwJjtENwImo8wSLFszWXQc3MmeMhrcJtTMZ7JXubXghK20C1 feyPm3F+52E= =nMxo -----END PGP SIGNATURE-----