Adobe Reader XI 11.0.10

Door redactie op 10 december 2014 - 09:12

Van pdf-lezer Adobe Reader is de reguliere driemaandelijkse update verschenen. Elk kwartaal brengt Adobe een nieuwe versie van zijn Reader uit. Deze keer is het een beveiligings- en onderhoudsupdate die 20 lekken dichtplakt. Verder worden nog tientallen fouten gerepareerd, enkele functies verbeterd en optimalisaties doorgevoerd.

De 20 beveiligingslekken die zijn gerepareerd, zijn ernstig en kunnen in het ergste geval ertoe leiden dat een aanvaller de controle over een computer op afstand overneemt. Verder zijn fouten op het gebied van pdf creatie, services, toegankelijkheid, beeldresolutie en beveiliging opgelost. Ten slotte zijn de stabiliteit en prestaties van Adobe Reader 11.0.10 verbeterd. Details kun je hieronder nalezen.

Adobe Reader is te verkrijgen voor Windows en Mac OS X. Updaten gaat het makkelijkst met de ingebouwde update-functie van Adobe onder Help.

Uitgave opmerkingen:

These updates resolve use-after-free vulnerabilities that could lead to code execution (CVE-2014-8454, CVE-2014-8455, CVE-2014-9165).

These updates resolve heap-based buffer overflow vulnerabilities that could lead to code execution (CVE-2014-8457, CVE-2014-8460, CVE-2014-9159).

These updates resolve an integer overflow vulnerability that could lead to code execution (CVE-2014-8449).

These updates resolve memory corruption vulnerabilities that could lead to code execution (CVE-2014-8445, CVE-2014-8446, CVE-2014-8447, CVE-2014-8456, CVE-2014-8458, CVE-2014-8459, CVE-2014-8461, CVE-2014-9158).

These updates resolve a time-of-check time-of-use (TOCTOU) race condition that could be exploited to allow arbitrary write access to the file system (CVE-2014-9150).

These updates resolve an improper implementation of a Javascript API that could lead to information disclosure (CVE-2014-8448, CVE-2014-8451).

These updates resolve a vulnerability in the handling of XML external entities that could lead to information disclosure (CVE-2014-8452).

These updates resolve vulnerabilities that could be exploited to circumvent the same-origin policy (CVE-2014-8453). 

PDF creation
3817760: Not able to convert specific google search pages to PDF using any browser.
3814919: Wrong conversion of Word file with check box content control, black dots and no labels
3735998: Lotus Notes crashes when PDFMaker is converting Email with Hyperlinked HTML image
3694142: Some Graphs are not converting successfully from Word To PDF.

Shared reviews
This release fixes the issues introduced with 11.0.09 and described in this article.
3829650/3840402: Not able to view comments published from previous versions of Acrobat Pro/Reader.
3840400/3827994: Acrobat Pro plugin stability issues when a shared review PDF is opened in browser.
3816793: Macintosh: Spinner in Document Message Bar spins indefinitely while Synchronizer tries to sync comments automatically after 10 minutes of last comment syncing.

Services integration
3827709: The registry preference bEnableAcrobatHS does not disable the Mobile Link UI, sign in dialog, and Acrobat.com UI under Recent files.
3821661: The registry preference bEnableAcrobatHS does not remove the “View All” button from the Gateway.
3833443: Don’t prompt the user to send the document to EchoSign when he saves it post placing a signature in the PDF file.
3840714: File upload to Acrobat.com fails in browser when Acrobat is the default handler impacting EchoSign/Fill&Sign in browser.
3851416: Fixed issues related to Mobile Link with files with non-ASCII names.

LiveCycle
This release fixes the issues introduced with 11.0.09 and described in this article.
3844791: Adobe Reader doesn’t display Extended authentication Login Screen.

Accessibility
3833045: Jaws not reading dynamic toolTip
3792269: LiveCycle Forms / Output does not generate a complete 508 accessible form according to Acrobat’s accessibility checker.

Security
3804468: Fixed issues with adding and removing privileged locations.

Display resolution
3815392: On HiDPI machines, the visual appearance of the Stay Signed In check box is poor when highlighted by the keyboard.
3833898: MAC retina displays: Recent Files View appears distorted on scaled resolutions.

Performance
3819211: Acrobat stability issues on moving textbox after rotating page view.
3857477: Adobe Reader/ Acrobat Pro XI stability issues when working with form fields in two or more PDFs at the same time.

Miscellaneous
3845191: With the registry preference bIgnoreDataSchema enabled, a warning dialog appears after pagebreaks.
3842576: The Digital Signature Appearance preference when certifying with an invisible signature is “Standard Text” and that preference sticks on the next attempt to sign a document with “Sign with Certificate.”
3841512: Contents are not showing up when saving a PDF file in Acrobat. It gives error message ‘insufficient data for an image’ for some files.
3825769: Cursor Text selection does not function as expected on a signed XFA based PDF with a Table.
3730756: With Protected Mode off, the print dialog is hidden behind IE (with the Reader plugin)
3858276: ClearScan throws an error message - “Acrobat could not replace the current page”.

Download: 

Ga naar de download-pagina van Adobe Reader

Bron: 

Adobe Security
Adobe Release notes

  • 6938 keer gelezen

Reageren

Meer informatie over tekstopmaak

Plain text

  • Toegelaten HTML-tags: <em> <strong> <br> <p>
  • Adressen van webpagina's en e-mailadressen worden automatisch naar links omgezet.
  • Regels en paragrafen worden automatisch gesplitst.
  • <img> elements are lazy-loaded.
Verplichte controlevraag
Om spam tegen te houden
neder_and