Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2019.0437 Security updates available for Adobe Acrobat and Reader | APSB19-07 13 February 2019 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: Adobe Acrobat and Reader Publisher: Adobe Operating System: Windows OS X Impact/Access: Execute Arbitrary Code/Commands -- Remote with User Interaction Denial of Service -- Remote with User Interaction Access Confidential Data -- Remote with User Interaction Increased Privileges -- Remote with User Interaction Resolution: Patch/Upgrade CVE Names: CVE-2019-7089 CVE-2019-7087 CVE-2019-7086 CVE-2019-7085 CVE-2019-7084 CVE-2019-7083 CVE-2019-7082 CVE-2019-7081 CVE-2019-7080 CVE-2019-7079 CVE-2019-7078 CVE-2019-7077 CVE-2019-7076 CVE-2019-7075 CVE-2019-7074 CVE-2019-7073 CVE-2019-7072 CVE-2019-7071 CVE-2019-7070 CVE-2019-7069 CVE-2019-7068 CVE-2019-7067 CVE-2019-7066 CVE-2019-7065 CVE-2019-7064 CVE-2019-7063 CVE-2019-7062 CVE-2019-7060 CVE-2019-7059 CVE-2019-7058 CVE-2019-7057 CVE-2019-7056 CVE-2019-7055 CVE-2019-7054 CVE-2019-7053 CVE-2019-7052 CVE-2019-7051 CVE-2019-7050 CVE-2019-7049 CVE-2019-7048 CVE-2019-7047 CVE-2019-7046 CVE-2019-7045 CVE-2019-7044 CVE-2019-7043 CVE-2019-7042 CVE-2019-7041 CVE-2019-7040 CVE-2019-7039 CVE-2019-7038 CVE-2019-7037 CVE-2019-7036 CVE-2019-7035 CVE-2019-7034 CVE-2019-7033 CVE-2019-7032 CVE-2019-7031 CVE-2019-7030 CVE-2019-7029 CVE-2019-7028 CVE-2019-7027 CVE-2019-7026 CVE-2019-7025 CVE-2019-7024 CVE-2019-7023 CVE-2019-7022 CVE-2019-7021 CVE-2019-7020 CVE-2019-7019 CVE-2019-7018 CVE-2018-19725 Original Bulletin: https://helpx.adobe.com/security/products/acrobat/apsb19-07.html - --------------------------BEGIN INCLUDED TEXT-------------------- Security updates available for Adobe Acrobat and Reader | APSB19-07 +-----------------------+-----------------------------------+-----------------+ | Bulletin ID | Date Published | Priority | +-----------------------+-----------------------------------+-----------------+ |APSB19-07 |February 12, 2019 |2 | +-----------------------+-----------------------------------+-----------------+ Summary Adobe has released security updates for Adobe Acrobat and Reader for Windows and MacOS. These updates address critical and important vulnerabilities. Successful exploitation could lead to arbitrary code execution in the context of the current user. Affected Versions +-----------------+-----------+-------------------------------+---------------+ | Product | Track | Affected Versions | Platform | +-----------------+-----------+-------------------------------+---------------+ |Acrobat DC |Continuous |2019.010.20069 and earlier |Windows and | | | |versions |macOS | +-----------------+-----------+-------------------------------+---------------+ |Acrobat Reader DC|Continuous |2019.010.20069 and earlier |Windows and | | | |versions |macOS | +-----------------+-----------+-------------------------------+---------------+ +-----------------+-----------+-------------------------------+---------------+ |Acrobat 2017 |Classic |2017.011.30113 and earlier |Windows and | | |2017 |version |macOS | +-----------------+-----------+-------------------------------+---------------+ |Acrobat Reader |Classic |2017.011.30113 and earlier |Windows and | |2017 |2017 |version |macOS | +-----------------+-----------+-------------------------------+---------------+ +-----------------+-----------+-------------------------------+---------------+ |Acrobat DC |Classic |2015.006.30464 and earlier |Windowsand | | |2015 |versions |macOS | +-----------------+-----------+-------------------------------+---------------+ |Acrobat Reader DC|Classic |2015.006.30464 and earlier |Windowsand | | |2015 |versions |macOS | +-----------------+-----------+-------------------------------+---------------+ Solution Adobe recommends users update their software installations to the latest versions by following the instructions below. The latest product versions are available to end users via one of the following methods: o Users can update their product installations manually by choosing Help > Check for Updates. o The products will update automatically, without requiring user intervention, when updates are detected. o The full Acrobat Reader installer can be downloaded from the Acrobat Reader Download Center . For IT administrators (managed environments): o Download the enterprise installers from ftp://ftp.adobe.com/pub/adobe/ , or refer to the specific release note version for links to installers. o Install updates via your preferred methodology, such as AIP-GPO, bootstrapper, SCUP/SCCM (Windows), or on macOS, Apple Remote Desktop and SSH. Adobe categorizes these updates with the following priority ratings and recommends users update their installation to the newest version: +---------------+----------+--------------+-----------+----------+------------+ | Product | Track | Updated | Platform | Priority |Availability| | | | Versions | | Rating | | +---------------+----------+--------------+-----------+----------+------------+ | | | |Windowsand | |Windows | |Acrobat DC |Continuous|2019.010.20091|macOS |2 | | | | | | | |macOS | +---------------+----------+--------------+-----------+----------+------------+ |Acrobat Reader | | |Windowsand | |Windows | |DC |Continuous|2019.010.20091|macOS |2 | | | | | | | |macOS | +---------------+----------+--------------+-----------+----------+------------+ +---------------+----------+--------------+-----------+----------+------------+ | |Classic | |Windowsand | |Windows | |Acrobat 2017 |2017 |2017.011.30120|macOS |2 | | | | | | | |macOS | +---------------+----------+--------------+-----------+----------+------------+ |Acrobat Reader |Classic | |Windowsand | |Windows | |DC 2017 |2017 |2017.011.30120|macOS |2 | | | | | | | |macOS | +---------------+----------+--------------+-----------+----------+------------+ +---------------+----------+--------------+-----------+----------+------------+ | |Classic | |Windowsand | |Windows | |Acrobat DC |2015 |2015.006.30475|macOS |2 | | | | | | | |macOS | +---------------+----------+--------------+-----------+----------+------------+ |Acrobat Reader |Classic | |Windowsand | |Windows | |DC |2015 |2015.006.30475|macOS |2 | | | | | | | |macOS | +---------------+----------+--------------+-----------+----------+------------+ Vulnerability Details +-------------------------+---------------------+---------+-------------------+ | Vulnerability Category |Vulnerability Impact |Severity | CVE Number | +-------------------------+---------------------+---------+-------------------+ | |Arbitrary Code | |CVE-2019-7020 | |Buffer Errors |Execution |Critical | | | | | |CVE-2019-7085 | +-------------------------+---------------------+---------+-------------------+ |Data leakage (sensitive) |Information |Critical |CVE-2019-7089 | | |Disclosure | | | +-------------------------+---------------------+---------+-------------------+ |Double Free |Arbitrary Code |Critical |CVE-2019-7080 | | |Execution | | | +-------------------------+---------------------+---------+-------------------+ |Integer Overflow |Information |Critical |CVE-2019-7030 | | |Disclosure | | | +-------------------------+---------------------+---------+-------------------+ | | | |CVE-2019-7021 | | | | | | | | | |CVE-2019-7022 | | | | | | | | | |CVE-2019-7023 | | | | | | | | | |CVE-2019-7024 | | | | | | | | | |CVE-2019-7028 | | | | | | | | | |CVE-2019-7032 | | | | | | | | | |CVE-2019-7033 | | | | | | | | | |CVE-2019-7034 | | | | | | | | | |CVE-2019-7035 | | | | | | | | | |CVE-2019-7036 | | | | | | | | | |CVE-2019-7038 | | | | | | | | | |CVE-2019-7045 | | | | | | | | | |CVE-2019-7047 | | | | | | | |Information | |CVE-2019-7049 | |Out-of-Bounds Read |Disclosure |Important| | | | | |CVE-2019-7053 | | | | | | | | | |CVE-2019-7055 | | | | | | | | | |CVE-2019-7056 | | | | | | | | | |CVE-2019-7057 | | | | | | | | | |CVE-2019-7058 | | | | | | | | | |CVE-2019-7059 | | | | | | | | | |CVE-2019-7063 | | | | | | | | | |CVE-2019-7064 | | | | | | | | | |CVE-2019-7065 | | | | | | | | | |CVE-2019-7067 | | | | | | | | | |CVE-2019-7071 | | | | | | | | | |CVE-2019-7073 | | | | | | | | | |CVE-2019-7074 | | | | | | | | | |CVE-2019-7081 | +-------------------------+---------------------+---------+-------------------+ | | | |CVE-2018-19725 | |Security bypass |Privilege Escalation |Critical | | | | | |CVE-2019-7041 | +-------------------------+---------------------+---------+-------------------+ | | | |CVE-2019-7019 | | | | | | | | | |CVE-2019-7027 | | | | | | | | | |CVE-2019-7037 | | |Arbitrary Code | | | |Out-of-Bounds Write |Execution |Critical |CVE-2019-7039 | | | | | | | | | |CVE-2019-7052 | | | | | | | | | |CVE-2019-7060 | | | | | | | | | |CVE-2019-7079 | +-------------------------+---------------------+---------+-------------------+ | | | |CVE-2019-7069 | | |Arbitrary Code | | | |Type Confusion |Execution |Critical |CVE-2019-7086 | | | | | | | | | |CVE-2019-7087 | +-------------------------+---------------------+---------+-------------------+ | | | |CVE-2019-7042 | | | | | | | | | |CVE-2019-7046 | | | | | | |Untrusted Pointer |Arbitrary Code | |CVE-2019-7051 | |Dereference |Execution |Critical | | | | | |CVE-2019-7054 | | | | | | | | | |CVE-2019-7066 | | | | | | | | | |CVE-2019-7076 | +-------------------------+---------------------+---------+-------------------+ | | | |CVE-2019-7018 | | | | | | | | | |CVE-2019-7025 | | | | | | | | | |CVE-2019-7026 | | | | | | | | | |CVE-2019-7029 | | | | | | | | | |CVE-2019-7031 | | | | | | | | | |CVE-2019-7040 | | | | | | | | | |CVE-2019-7043 | | | | | | | | | |CVE-2019-7044 | | | | | | | | | |CVE-2019-7048 | | | | | | | |Arbitrary Code | |CVE-2019-7050 | |Use After Free |Execution |Critical | | | | | |CVE-2019-7062 | | | | | | | | | |CVE-2019-7068 | | | | | | | | | |CVE-2019-7070 | | | | | | | | | |CVE-2019-7072 | | | | | | | | | |CVE-2019-7075 | | | | | | | | | |CVE-2019-7077 | | | | | | | | | |CVE-2019-7078 | | | | | | | | | |CVE-2019-7082 | | | | | | | | | |CVE-2019-7083 | | | | | | | | | |CVE-2019-7084 | +-------------------------+---------------------+---------+-------------------+ Acknowledgements Adobe would like to thank the following individuals and organizations for reporting the relevant issues and for working with Adobe to help protect our customers: o Sebastian Apelt via Trend Micro's Zero Day Initiative (CVE-2019-7044, CVE-2019-7045, CVE-2019-7048) o Abdul-Aziz Hariri via Trend Micro Zero Day Initiative (CVE-2018-19725, CVE-2019-7041) o Linan Hao of Qihoo 360 Vulcan Team andZhenjieJia of Qihoo 360 Vulcan Team (CVE-2019-7018, CVE-2019-7019, CVE-2019-7020, CVE-2019-7021,CVE-2019-7022, CVE-2019-7023, CVE-2019-7024, CVE-2019-7029) o @j00sean working with iDefenseLabs (CVE-2019-7040) o 360Security (CVE-2019-7030) o Aleksandar Nikolic of CiscoTalos. (CVE-2019-7039) o Anonymous working with Trend Micro Zero Day Initiative (CVE-2019-7077) o Gal De Leon of Palo Alto Network(CVE-2019-7025) o Juan Pablo LopezYacubianworking with Trend Micro Zero Day Initiative (CVE-2019-7078) o kdotworking with Trend Micro's Zero Day Initiative (CVE-2019-7049) o KeLiu of Tencent Security Xuanwu Lab (CVE-2019-7033, CVE-2019-7034, CVE-2019-7035, CVE-2019-7036, CVE-2019-7037, CVE-2019-7038, CVE-2019-7047) o Mat Powell of Trend Micro Zero Day Initiative (CVE-2019-7071, CVE-2019-7072, CVE-2019-7073, CVE-2019-7074, CVE-2019-7075) o Yoav Alon &NetanelBen-Simon from Check Point Research(CVE-2019-7080, CVE-2019-7081) o Steven Seeleyvia Trend Micro's Zero Day Initiative(CVE-2019-7069, CVE-2019-7070) o T3rmin4t0r working with Trend Micro's Zero Day Initiative (CVE-2019-7042, CVE-2019-7043) o Steven Seeley (mr_me) of Source Incite working withiDefenseLabs (CVE-2019-7084, CVE-2019-7085, CVE-2019-7086, CVE-2019-7087) o TencentAtuinTeam (CVE-2019-7031, CVE-2019-7032) o Xu Peng andSuPuruiof TCA/SKLCS Institute of Software Chinese Academy of Sciences (CVE-2019-7076) o ZhenjieJia of Qihoo360 Vulcan Team (CVE-2019-7062, CVE-2019-7063, CVE-2019-7064, CVE-2019-7067) o Zhiyuan Wang from Chengdu Security Response Center of Qihoo 360 Technology Co. Ltd. working with Trend Micro Zero Day Initiative (CVE-2019-7079) o Bo Qu of Palo Alto Networks andHeigeofKnownsec404 Security Team (CVE-2019-7065, CVE-2019-7066, CVE-2019-7068) o Zhibin Zhang of Palo Alto Networks (CVE-2019-7026, CVE-2019-7027, CVE-2019-7028, CVE-2019-7082) o Qi Deng of Palo Alto Networks (CVE-2019-7046, CVE-2019-7050, CVE-2019-7051, CVE-2019-7083) o Hui Gao of Palo Alto Networks (CVE-2019-7052, CVE-2019-7053, CVE-2019-7054) o ZhaoyanXu of Palo Alto Networks (CVE-2019-7055, CVE-2019-7056, CVE-2019-7057) o ZhanglinHe of Palo Alto Networks (CVE-2019-7058, CVE-2019-7059, CVE-2019-7060) - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: https://www.auscert.org.au/bulletins/ =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQIVAwUBXGNzPGaOgq3Tt24GAQiIbxAAsw4jSTfVIQYq0JmjS1hVm0PdQqt4C9zt aLf9/cWg9Fk5KNjMSTN7zdjeqLlSRzOlN+ngtZlGNhl6j2Z5UK+OIsDKAVJT07qm Rizd1YfZ3OM+PtBzMopLWN5EOwJM05OnUbPg/uWIRlp9MWwexh3mJU62DmFVg0ro sxyrlCS1KemjKKmEpf0AEJxwxO9AogrpvrdgDioNDMjQQbB1BHBxdzaT235GFIW+ SU1RAUoszjxUyaS3OWv1TWHT/qjglQeXLR0epw48NGcyJ1X1iCiD1BS30lGmPFzP YJ2HNBnhdAz3KOiqENm6xF4uyFq4WCG+FNxzYC/oyGaAc2+v2gkso9h8u60r7EOV I9Ft8dpf/wV09q+riDb+srJxsnNU+031z+G4VPwaARQxLQuePxVR/6RbtOi8XRlV NYvlI/9R5qNPI06hPhECcriJ/Du2B5lSsgTMJfc41gmMQu3d+6Z9DXeaJKWt46Yb 2AMbrMzo+VZ2Gw4n5HcrsIgwfpAujvFci14UIvNr4D0MWpPNee1ssw5WBdcY2rm6 8y2aZyZUquJ0QktjHHErQPlsyRJQs3SaFS7BKuj3JvYe3jznuHZBfl65XJH0HBs5 R3dZjIMw2wYlZw7ptnyjRXoRu5U/UYDujF7vtVBy1OxdkjIZB0IskJ95uhoFlEJs Co5/WFZTYSs= =HV4n -----END PGP SIGNATURE-----