Carnegie Mellon University Website Home Page
 
Skip navigation and jump directly to page content
News
Security News Archives
2009
October
Adobe Reader and Acrobat Security Update
Critical Microsoft October Security Update for Windows Users
Accounts
Network, Phone & TV
Software
Email & Calendar
Secure Your Computer
Clusters & Printing
Web Services
Classroom & Event Support
Training & Education
Technical Support & Services
Campus Partners
Information Security Office (ISO)

Security Alert- Adobe Reader and Acrobat Security Update

(U.S. Eastern Time)
DAY: Monday
DATE: October 19, 2009

Windows, Mac and Linux users running Adobe Reader and Acrobat 9.1.3 and older are vulnerable to exploits.  Without the security update, an unauthorized attacker may take complete control of an affected system by convincing the user to open a maliciously crafted Portable Document Format (PDF) file.

If you suspect your computer has already been compromised, or if your Adobe Reader, Acrobat, or web browser crashes when opening a PDF file, STOP! Immediately take the following steps:

  1. Disconnect from the network - turn off wireless or unplug the wired network cable.
  2. Discontinue use of the machine but DO NOT power off.
  3. Contact the Information Security Office at (412) 268-2044 or iso@andrew.cmu.edu or your departmental computing administrator/DSP consultant for further instructions.

These steps are excerpted from Responding to a Compromised Computer.

If your computer is managed by a Carnegie Mellon departmental computing administrator, please consult that person before making any system changes.

ACTION REQUIRED:

NOTE: You must login with an administrative account/password to complete steps marked with ***

  1. Update Adobe Reader***

Download and install the latest version of Adobe Reader from Adobe Products - Reader

If Adobe Reader is installed:
a.       Launch Adobe Reader
b.      From the Help menu choose Check for Updates...
c.       Follow the on-screen instructions to install any available updates.

  1. Apply Adobe Acrobat Professional and Standard update .   Download and install the update for your version of Acrobat from Windows or Mac.

More Technical Information:

Visit US-CERT technical alert - Adobe Reader and Acrobat Vulnerabilities
http://www.us-cert.gov/cas/techalerts/TA09-286B.html

Visit Adobe Security Advisories for Adobe Reader and Acrobat
http://www.adobe.com/support/security/bulletins/apsb09-15.html

Contact:
Please direct any questions or comments to the Computing Services Help Center (412-268-HELP or advisor@andrew.cmu.edu) or to your departmental administrator or DSP consultant.