Spyware, Viruses, & Security forum

General discussion

Security Advisory for Adobe Reader and Acrobat

by Carol~ Forum moderator / September 8, 2010 9:58 AM PDT

From the Adobe Product Security Incident Response Team (PSIRT) Blog:

A Security Advisory has been posted in regards to a new Adobe Reader and Acrobat issue (CVE-2010-2883). A critical vulnerability exists in Adobe Reader 9.3.4 and earlier versions for Windows, Macintosh and UNIX, and Adobe Acrobat 9.3.4 and earlier versions for Windows and Macintosh. This vulnerability could cause a crash and potentially allow an attacker to take control of the affected system. There are reports that this vulnerability is being actively exploited in the wild.

We will continue to provide updates on this issue via the Security Advisory section of the Adobe website as well as the Adobe PSIRT blog.


Post a reply
Discussion is locked
You are posting a reply to: Security Advisory for Adobe Reader and Acrobat
The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to our CNET Forums policies for details. All submitted content is subject to our Terms of Use.
Track this discussion and email me when there are updates

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

You are reporting the following post: Security Advisory for Adobe Reader and Acrobat
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Collapse -
Revised Security Advisory;EMET 2.0 as suggested tool
by Donna Buenaventura / September 10, 2010 3:14 PM PDT

From Adobe Product Security Incident Response Team (PSIRT) Blog:

We just updated the Security Advisory (APSA10-02) posted on Wednesday, September 8, 2010 with a mitigation option for Windows users.


Security Advisory for Adobe Reader and Acrobat
Release date: September 8, 2010
Last updated: September 10, 2010
Vulnerability identifier: APSA10-02
CVE number: CVE-2010-2883


Current exploits in the wild target the Windows platform. Customers using Adobe Reader or Acrobat 9.3.4 or earlier on Windows can utilize Microsoft's Enhanced Mitigation Evaluation Toolkit (EMET) to help prevent this vulnerability from being exploited. For more information on EMET and implementing this mitigation, please refer to the Microsoft Security Research and Defense blog. Note that due to the time-sensitive nature of this issue, testing of the functional compatibility of this mitigation has been limited. Therefore, we recommend that you also test the mitigation in your environment to minimize any impact on your workflows.


Use EMET 2.0 to block Adobe Reader and Acrobat 0-day exploit

Collapse -
EMET 2.0 and Windows XP SP3 Professional
by boomslang / September 13, 2010 3:17 AM PDT

Does EMET actually function in this OS install? I have tried it on several systems, and no program added to EMET's protected protrams list ever shows as running with EMET.

Collapse -
Yes, I have it installed in Vista and Windows 7
by Donna Buenaventura / September 13, 2010 1:42 PM PDT

I able to add applications like Adobe Reader to use EMET protection.
After you install, click "configure" applications then browse for the executable of Adobe Reader, for example. Open Adobe Reader and you should see it protected in EMET. Same goes for other executables e.g. Internet Explorer, Outlook Express etc.

Collapse -
Please re-read the subject -> Windows XP SP3 <-
by boomslang / September 13, 2010 2:09 PM PDT

I also have it running on all the Windows 7 machines here and verified that EMET is shimming Acrobat Reader.


On the Windows XP SP3 computers, I can install EMET, start it, navigate to acrord32.exe, include it with all the checks.

The next step is really important, verification that it really is working. With EMET open, start Acrobat Reader and look for acrord32.exe in the running processes list.

Under Windows 7, you will see a check mark in the column titled "running with EMET". Good, it should be protecting Acrobat Reader.

Has anyone had EMET under Windows XP SP3 show the check in the "running with EMET" column for acrord32.exe? I have not seen evidence that EMET works. It won't even show a check while running notepad.

Collapse -
Let me try it in my XP SP3 now
by Donna Buenaventura / September 13, 2010 2:23 PM PDT

Will post back my result.

Collapse -
Done testing in XP Pro SP3
by Donna Buenaventura / September 13, 2010 2:52 PM PDT
Collapse -
Thank you for confirming...
by boomslang / September 13, 2010 5:13 PM PDT

I now have to figure out what's blocking its ability to run on these systems. It's just as I was starting on the fourth system, I was needing some backup to help determine where the failure is occurring. There's not a lot of information available at the moment.

Collapse -
You're welcome.
by Donna Buenaventura / September 13, 2010 5:15 PM PDT

Glad you've figured out what is blocking and hope you'll be able to use EMET in the XP soon. Happy

Collapse -
One problem...
by boomslang / September 14, 2010 2:12 AM PDT

Despite the fact that version was announced as being released, the Microsoft download site was apparently still serving the old version. If you are having problems with Windows XP, this may be your problem. Redownload and reinstall...

Collapse -
Not needed for XP ??
by rjschmoe / September 15, 2010 7:13 AM PDT

I got this alert and installed EMET on XP and added acrord32 to DEP , but could not select the lower 2 options, I then read the HELP file that installed also and they are really used only for Vista and Win7.
Looking at it, I realized I could mess with DEP on XP without the program -
System Properties, click Start,Control Panel, then double-click System.
Click the Advanced tab and, under Performance, click Settings.
Click the Data Execution Prevention tab.
No need for EMET on XP ?? Just turn it on on the tab and add acrord32.exe

Collapse -
Scheduled Update for the above security issues
by Donna Buenaventura / September 13, 2010 1:43 PM PDT

From Adobe PSRIT blog:

We just updated the Security Advisory (APSA10-02) posted on Wednesday, September 8, 2010 to include the planned schedule for a patch to resolve CVE-2010-2883. Adobe plans to make available updates for Adobe Reader and Acrobat 9.3.4 for Windows, Macintosh and UNIX during the week of October 4, 2010. In the meantime, we have provided a mitigation option for Windows users; see the Security Advisory for details.

Please note that these Adobe Reader and Acrobat updates represent an accelerated release of the next quarterly security updates originally scheduled for October 12, 2010. With this accelerated schedule, we do not plan to release any new updates for Adobe Reader and Acrobat on October 12, 2010.



September 13, 2010 - Updated information on the release schedule, and that the releases represent the next quarterly security update (originally scheduled for October 12, 2010).

Popular Forums
Computer Help 51,224 discussions
Computer Newbies 10,453 discussions
Laptops 20,090 discussions
Security 30,722 discussions
TVs & Home Theaters 20,937 discussions
Windows 10 1,295 discussions
Phones 16,252 discussions
Windows 7 7,684 discussions
Networking & Wireless 15,215 discussions

CNET's Oh, Snap! Sweepstakes

Enter for a chance to win* a 360-degree camera

Do you Snapchat? We want you to snap for this sweepstakes and give you the chance to get your hands on the Theta S so you can make your very own 360-degree videos.