December 7, 2011

Adobe Reader and Acrobat Vulnerability (CVE-2011-2462)

Chris Astacio

Yesterday, Adobe released a Security Advisory warning about a vulnerability in Adobe Reader and Acrobat. Adobe rated this vulnerability "critical," because it may allow an attacker to execute code remotely and take control of an affected system. Adobe is currently working on a fix and planning to roll that fix out next week for the 9.x versions of its software for Windows. Because Adobe Reader X and Adobe Acrobat X have a sandboxing mechanism called Protected View, these versions will not allow code to be executed remotely. So for these newer X versions of the affected software, Adobe will issue a fix in its next quarterly update, currently scheduled for January 10, 2012. Adobe lists Protected View as a way to safeguard your system against this threat. Please be sure to use the X version of Adobe software and verify that Protected View is enabled. The Mitigations section of the Adobe Security Advisory explains how to do this for the X versions.



Websense Security Labs™ is aware of reports that this vulnerability has been used in the wild. We have updated ourAdvanced Classification Engine, ACE,  to help protect against and look for any other possible attacks in the wild.

About Forcepoint

Forcepoint is the leading user and data protection cybersecurity company, entrusted to safeguard organizations while driving digital transformation and growth. Our solutions adapt in real-time to how people interact with data, providing secure access while enabling employees to create value.