Security → Security Update available for Adobe Reader 8

Security Update available for Adobe Reader 8 and Acrobat 8 Release date: November 4, 2008
Platform: All Platforms

Summary
Critical vulnerabilities have been identified in Adobe Reader and Acrobat
8.1.2 and earlier versions. These vulnerabilities would cause the application to crash and could potentially allow an attacker to take control of the affected system.

Adobe Reader 9 and Acrobat 9 are not vulnerable to these issues. Adobe recommends users of Acrobat 8 and Adobe Reader 8 who can’t update to Adobe Reader 9 install the 8.1.3 update to protect themselves from potential vulnerabilities.

Affected software versions
Adobe Reader 8.1.2 and earlier versions
Adobe Acrobat Professional, 3D and Standard 8.1.2 and earlier versions

Solution
Adobe Reader

Adobe recommends Adobe Reader users update to Adobe Reader 9, available
here:
»www.adobe.com/go/getreader

»www.adobeforums.com/webx ··· 59b6ef1e

Updated and working fine here on XP-SP3. Another application which I may have allowed come along with it called Adobe Air. Wasn't crazy about that so I went into Add/remove and got rid of it.

Has anyone tried the Adobe Reader 8.1.3 update? Can you update 8.1.2 to 8.1.3 using the 'check for update' feature?

Hi starfish
You certainly can use the check for update feature although it as my experience shows may not always work. If thats the case then please use the above link

WNGFAN, which version of adobe reader did you install?

in the adobe forum, all i have seen, there, are posts saying that adobe reader 9 does not work..

Just tried via the "check for update" feature. It didn't work for me using XP SP3. It found the update, but had issues running it.

Adobe Reader 9
version 9.0.0

Drat... as a Windows 2000 user, Adobe tells me I could only use Reader 7.0.9 ( installed) or Adobe Reader 9, so decided to download it and see what happened. Unfortunately, yes, it doesn't open PDF files all the time, sometimes it just locks up.

i switched to "foxit"..

i checked out the user-reviews of "AR build 9", at cnet's "download.com", and all but one of them were very negative..

i was using AR build 7.10.. i have used build 8.12, before, and it was OK, so i would think that AR build 8.13 would be OK, as well, but, before installing AR build 8.13, i tried "foxit", and it worked, for me, so i switched to using it instead of adobe reader..

unfortunately, adobe didn't say whether AR build 7.10 had any of the same vulnerabilities that build 8.12 had, or not.. my guess is that it didn't..

Hi Redwolfe_98,
You're guess is correct The only fix for version 7x was:

"1755163 Issue printing multiple documents using the windows context menu option
When printing multiple documents from the windows context menu option, Reader would launch multiple instances for each document. If you were to subsequently check the print queue, there would be some documents missing. This issue has been resolved.Root: Fixes issue found in 7 and 8."

I can live with that.

Trying to figure out what to do about this, I found the release notes for Version 8.1.3 here:

»kb.adobe.com/selfservice ··· liceId=1

I wish Adobe wouldn't make it so difficult to find things!

Do you like Foxit? I just looked at their page and noticed it has a multimedia player and a built in javascript engine.
If I ever wanted to switch, I wouldn't be interested in those features.

Sincerely, Libra

Another happy Foxit user.

Get Foxit, works great.

If Acrobat 7.1 would be affected by the current vulnerability, I guess ADOBE would loudly recommend to update from 7 to 9 (money, money, money )

Since they don't mention Acrobat 7.1 at all suggests to me that it is not affected.... but you never know... before I get a final answer, I am using Foxit instead

Thomas

If you don't have the latest patched Adobe, or an alternative PDF reader, better hurry. Exploits are in the wild, and AV coverage is mighty slim.

»isc.sans.org/diary.html? ··· yid=5324

Thanks again. Downloading as I type.

here is a list of at least some of the URL's that are being used to distrubute malware that takes advantage of the adobe reader vulnerabilities:

»www3.malekal.com/exploit.txt