Help
Email
Remote Access (VPN)Critical Vulnerabilities in Adobe Reader 9.1.1 and Acrobat 9.1.1 and earlier versions
Adobe has released Security Bulletin APSB09-07, which describes several vulnerabilities that may allow an attacker to take control of your computer.
For a complete description of the vulnerabilities and affected software, refer to Adobe Security Bulletins: APSB09-07.
AFFECTED SOFTWARE:
- Adobe Reader versions 9.1.1 and earlier, 8.1.5 and earlier, and 7.1.2 and earlier
- Adobe Acrobat (Standard, Professional, and 3D) versions 9.1.1 and earlier, 8.1.5 and earlier, and Adobe Acrobat (Standard, Professional 7.1.2 and earlier
WHAT YOU NEED TO DO TO PROTECT YOUR SYSTEM:
- Do NOT take action if you have a Computer Support Coordinator (CSC); they will apply the update for you or assist in instructing you.
- If you do not have a CSC:
Update your software
- Refer to Adobe Security Bulletins: APSB09-07 on how to obtain the latest updates for your specific software.
US-CERT and Adobe recommend the following to help mitigate this vulnerability:
- Disable JavaScript in Adobe Reader and Acrobat*
- Prevent Internet Explorer from automatically opening PDF documents*
- Disable the display of PDF documents in the web browser*
- Do not access PDF documents from untrusted sources
*Refer to US-CERT Cyber Security Alert SA09-161A for instructions.
ADDITIONAL INFORMATION:
- US-CERT Cyber Security Alert SA09-161A (Non-Technical)
- US-CERT Cyber Security Alert TA09-161A (Technical Alert)
If you have questions about any of the information provided above, you may send email inquiries to security@ucsf.edu.
Teresa A. Regalia, GCIH
UCSF Enterprise Information Security
Telephone: 415-502-1567
Teresa.Regalia@ucsf.edu
OAAIS Customer Support Service Desk
7 a.m. - 6 p.m., Mon – Fri
(415) 514-4100, Option 2
customersupport@ucsf.edu
help.ucsf.edu