Adobe Reader 9.4.0

Wederom een tussentijdse beveiligingsupdate voor Adobe Reader. Hierin worden 23 lekken gedicht, waaronder het zero-day-lek dat al enkele weken werd misbruikt door internet criminelen. De reguliere update-ronde van 12 oktober komt hiermee te vervallen.

Vanwege de vele zero-day-lekken (lekken die al uitgebuiten worden door kwaadwillenden en waar nog geen update voor is) in Adobe Reader lijkt productent Adobe gedwongen te worden om af te stappen van zijn driemaandelijkse updateronde. Of er een maandelijkse update komt of dat Adobe vertrouwen heeft in de beschermende sandbox die ontwikkeld wordt voor de PDF-lezer is vooralsnog onbekend.

Adobe Reader 9.4.0 is beschikbaar voor Windows, Mac OS X en Linux.

Release notes:
This update resolves a font-parsing input validation vulnerability that could lead to code
execution (CVE-2010-2883).
Note: There are reports that this issue is being actively exploited in the wild.
This update resolves a memory corruption vulnerability in the authplay.dll component that could
lead to code execution (CVE-2010-2884).
This update resolves multiple potential Linux-only privilege escalation issues (CVE-2010-2887).
This update resolves multiple input validation errors that could lead to code execution (Windows,
ActiveX only) (CVE-2010-2888).
This update resolves a font-parsing input validation vulnerability that could lead to code
execution (CVE-2010-2889).
This update resolves a memory corruption vulnerability that could lead to code execution
(CVE-2010-2890).
This update resolves a memory corruption vulnerability that could lead to code execution
(CVE-2010-3619).
This update resolves an image-parsing input validation vulnerability that could lead to code
execution (CVE-2010-3620).
This update resolves a memory corruption vulnerability that could lead to code execution
(CVE-2010-3621).
This update resolves a memory corruption vulnerability that could lead to code execution
(CVE-2010-3622).
This update resolves a memory corruption vulnerability that could lead to code execution
(Macintosh platform only) (CVE-2010-3623).
This update resolves an image-parsing input validation vulnerability that could lead to code
execution (Macintosh platform only) (CVE-2010-3624).
This update resolves a prefix protocol handler vulnerability that could lead to code execution
(CVE-2010-3625).
This update resolves a font-parsing input validation vulnerability that could lead to code
execution (CVE-2010-3626).
This update resolves an input validation vulnerability that could lead to code execution
(CVE-2010-3627).
This update resolves a memory corruption vulnerability that could lead to code execution
(CVE-2010-3628).
This update resolves an image-parsing input validation vulnerability that could lead to code
execution (CVE-2010-3629).
This update resolves a denial of service vulnerability; arbitrary code execution has not been
demonstrated, but may be possible (CVE-2010-3630).
This update resolves an array-indexing vulnerability that could lead to code execution
(Macintosh platform only) (CVE-2010-3631).
This update resolves a memory corruption vulnerability that could lead to code execution
(CVE-2010-3632).
This update resolves a memory corruption vulnerability that could lead to code execution
(CVE-2010-3658)
This update resolves a denial of service issue (CVE-2010-3656).
This update resolves a denial of service issue (CVE-2010-3657).
Deel dit artikel door twee keer te klikken: 
 

Reacties

E.Watrin

Ik heb een Mac Os X, versie 10.6.4.
Ik heb vanmorgen adobe 9.4 gedownload en hij is nog bezig. kan dat? of is het
niet voor Mac geschikt??
Gaarne uw antwoord

Clusenco

De Mac-versie kunt u downloaden op:
http://get.adobe.com/nl/reader/otherversions/

Vanessa

Hoop het

Redz

Alle adobe shit van mijn PC afgegooid, wat een ellende zeg!

Reageren

Plain text

  • Adressen van webpagina's en e-mailadressen worden automatisch naar links omgezet.
  • Regels en paragrafen worden automatisch gesplitst.
Verplichte controlevraag
Dit is een controle om spammers tegen te gaan.
_ortugal: