Adobe has released a new security advisory affecting Adobe Reader and Acrobat v9.1.3 and earlier.
Security Advisory for Adobe Reader and Acrobat
Release date: October 8, 2009
Vulnerability identifier: APSB09-15
CVE number: CVE-2009-3459
Adobe is planning to release an update for Adobe Reader 9.1.3 and Acrobat 9.1.3, Adobe Reader 8.1.6 and Acrobat 8.1.6 for Windows, Macintosh and UNIX, and Adobe Reader 7.1.3 and Acrobat 7.1.3 for Windows and Macintosh to resolve critical security issues. Adobe expects to make this update available on October 13, 2009. This update represents the second quarterly security update for Adobe Reader and Acrobat.
We wish to thank Chia-Ching Fang and the Information and Communication Security Technology Center for their help with reporting and investigating this issue (CVE-2009-3459).
Users may monitor the latest information on the Adobe Product Security Incident Response Team blog at the following URL: http://blogs.adobe.com/psirt or by subscribing to the RSS feed here: http://blogs.adobe.com/psirt/atom.xml.
(Note: This Security Advisory will be replaced with the final Security Bulletin upon release on October 13, 2009.)
Affected software versions
Adobe Reader 9.1.3 and earlier versions for Windows, Macintosh, and UNIX
Adobe Acrobat 9.1.3 and earlier versions for Windows and Macintosh
Adobe categorizes this as a critical update.