Current Activity

Adobe Releases Security Advisory for Adobe Reader and Acrobat

added Thursday, February 14, 2013 at 2:20 pm

Adobe has released a security advisory for Adobe Reader and Acrobat to address multiple vulnerabilities. Exploitation of these vulnerabilities may allow an attacker to cause a denial-of-service condition or take control of the affected system. Adobe is aware of reports that these vulnerabilities are being exploited in the wild, in targeted attacks designed to trick users into clicking on malicious PDF files delivered in an email message.

The advisory indicates that the following versions of Adobe Reader and Acrobat are affected:

• Adobe Reader XI 11.0.01 and earlier for Windows and Macintosh
  
• Adobe Reader X 10.1.5 and earlier for Windows and Macintosh
• Adobe Reader 9.5.3 and earlier 9.x versions for Windows, Macintosh, and Linux
  
• Adobe Acrobat XI 11.0.01 and earlier for Windows and Macintosh
• Adobe Acrobat X 10.1.5 and earlier for Windows and Macintosh
• Adobe Acrobat 9.5.3. and earlier 9.x versions for Windows and Macintosh

Adobe is in the process of working on a fix for these issues and will update this advisory when a date for the fix has been determined.

Research In Motion Releases Security Update for BlackBerry Enterprise Server

added Thursday, February 14, 2013 at 10:34 am

Research In Motion (RIM) has released a security advisory for BlackBerry Enterprise Server to address multiple vulnerabilities. Exploitation of these vulnerabilities could allow an attacker to execute arbitrary code or allow elevation of privileges.

RIM has released updates for the following versions:

• BlackBerry Enterprise Server Express versions 5.02 through 5.04 for Microsoft Exchange and IBM Lotus Domino
• BlackBerry Enterprise Server versions 5.02 through 5.04 for Microsoft Exchange and IBM Lotus Domino
• BlackBerry Enterprise Server versions 5.0.1 and 5.0.4 for Novell Groupwise

US-CERT encourages users and administrators to review RIM security advisory BSRT-2013-003 and apply any necessary updates to help mitigate the risk.

Adobe Releases Security Update for Adobe Flash Player

added Wednesday, February 13, 2013 at 4:05 pm

Adobe has released a security update for Adobe Flash Player to address multiple vulnerabilities. Exploitation of these vulnerabilities may allow an attacker to cause a denial-of-service condition or take control of the affected systems.

Adobe has released updates for the following versions:

• Adobe Flash Player 11.5.502.149 and earlier versions for Windows and Macintosh
• Adobe Flash player 11.2.202.262 and earlier versions for Linux
• Adobe Flash player 11.1.115.37 and earlier versions for Android 4.x devices
  
• Adobe Flash player 11.1.111.32 and earlier versions for Android 3.x devices
• Adobe AIR 3.5.0.1060 and earlier versions
• Adobe AIR 3.5.0.1060 SDK (including AIR for iOS) and earlier versions
  

US-CERT encourages users and administrators to review Adobe Security Bulletin APSB13-05 and apply any necessary updates to help mitigate the risk.

Adobe Releases Security Update for Adobe Shockwave Player

added Wednesday, February 13, 2013 at 12:18 pm

Adobe has released a security update for Adobe Shockwave Player to address multiple vulnerabilities. Exploitation of these vulnerabilities may allow an attacker to execute arbitrary code.

Adobe has released updates for the following versions:

• Adobe Shockwave Player 11.6.8.638 and earlier versions for Windows and Macintosh
  

US-CERT encourages users and administrators to review Adobe Security Bulletin APSB13-06 and apply any necessary updates to help mitigate the risk.