Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2017.0073
Security Updates Available for Adobe Acrobat and Reader
11 January 2017
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: Adobe Acrobat and Reader
Publisher: Adobe
Operating System: Windows
OS X
Impact/Access: Execute Arbitrary Code/Commands -- Remote with User Interaction
Denial of Service -- Remote with User Interaction
Reduced Security -- Remote with User Interaction
Resolution: Patch/Upgrade
CVE Names: CVE-2017-2967 CVE-2017-2966 CVE-2017-2965
CVE-2017-2964 CVE-2017-2963 CVE-2017-2962
CVE-2017-2961 CVE-2017-2960 CVE-2017-2959
CVE-2017-2958 CVE-2017-2957 CVE-2017-2956
CVE-2017-2955 CVE-2017-2954 CVE-2017-2953
CVE-2017-2952 CVE-2017-2951 CVE-2017-2950
CVE-2017-2949 CVE-2017-2948 CVE-2017-2947
CVE-2017-2946 CVE-2017-2945 CVE-2017-2944
CVE-2017-2943 CVE-2017-2942 CVE-2017-2941
CVE-2017-2940 CVE-2017-2939
Reference: ESB-2017.0051
Original Bulletin:
https://helpx.adobe.com/security/products/acrobat/apsb17-01.html
- --------------------------BEGIN INCLUDED TEXT--------------------
Adobe Security Bulletin
Security Updates Available for Adobe Acrobat and Reader
Release date: January 5, 2017
Last updated: January 10, 2017
Vulnerability identifier: APSB17-01
Priority: 2
CVE numbers: CVE-2017-2939, CVE-2017-2940, CVE-2017-2941, CVE-2017-2942,
CVE-2017-2943, CVE-2017-2944, CVE-2017-2945, CVE-2017-2946, CVE-2017-2947,
CVE-2017-2948, CVE-2017-2949, CVE-2017-2950, CVE-2017-2951, CVE-2017-2952,
CVE-2017-2953, CVE-2017-2954, CVE-2017-2955, CVE-2017-2956, CVE-2017-2957,
CVE-2017-2958, CVE-2017-2959, CVE-2017-2960, CVE-2017-2961, CVE-2017-2962,
CVE-2017-2963, CVE-2017-2964, CVE-2017-2965, CVE-2017-2966, CVE-2017-2967
Platform: Windows and Macintosh
Summary
Adobe has released security updates for Adobe Acrobat and Reader for Windows
and Macintosh. These updates address critical vulnerabilities that could
potentially allow an attacker to take control of the affected system.
Affected Versions
Product Track Affected Versions Platform
Acrobat DC Continuous 15.020.20042 and earlier versions Windows and Macintosh
Acrobat Reader DC Continuous 15.020.20042 and earlier versions Windows and Macintosh
Acrobat DC Classic 15.006.30244 and earlier versions Windows and Macintosh
Acrobat Reader DC Classic 15.006.30244 and earlier versions Windows and Macintosh
Acrobat XI Desktop 11.0.18 and earlier versions Windows and Macintosh
Reader XI Desktop 11.0.18 and earlier versions Windows and Macintosh
For questions regarding Acrobat DC, please visit the Acrobat DC FAQ page. For
questions regarding Acrobat Reader DC, please visit the Acrobat Reader DC
FAQ page.
Solution
Adobe recommends users update their software installations to the latest
versions by following the instructions below.
The latest product versions are available to end users via one of the
following methods:
Users can update their product installations manually by choosing Help >
Check for Updates.
The products will update automatically, without requiring user
intervention, when updates are detected.
The full Acrobat Reader installer can be downloaded from the Acrobat
Reader Download Center.
For IT administrators (managed environments):
Download the enterprise installers from ftp://ftp.adobe.com/pub/adobe/,
or refer to the specific release note version for links to installers.
Install updates via your preferred methodology, such as AIP-GPO,
bootstrapper, SCUP/SCCM (Windows), or on Macintosh, Apple Remote
Desktop and SSH.
Adobe categorizes these updates with the following priority ratings and
recommends users update their installation to the newest version:
Product Track Updated Versions Platform Priority Rating Availability
Acrobat DC Continuous 15.023.20053 Windows and Macintosh 2 Windows
Macintosh
Acrobat Reader DC Continuous 15.023.20053 Windows and Macintosh 2 Download Center
Acrobat DC Classic 15.006.30279 Windows and Macintosh 2 Windows
Macintosh
Acrobat Reader DC Classic 15.006.30279 Windows and Macintosh 2 Windows
Macintosh
Acrobat XI Desktop 11.0.19 Windows and Macintosh 2 Windows
Macintosh
Reader XI Desktop 11.0.19 Windows and Macintosh 2 Windows
Macintosh
Vulnerability Details
These updates resolve a type confusion vulnerability that could lead
to code execution (CVE-2017-2962).
These updates resolve use-after-free vulnerabilities that could
lead to code execution (CVE-2017-2950, CVE-2017-2951, CVE-2017-2955,
CVE-2017-2956, CVE-2017-2957, CVE-2017-2958, CVE-2017-2961).
These updates resolve heap buffer overflow vulnerabilities that could
lead to code execution (CVE-2017-2942, CVE-2017-2945, CVE-2017-2946,
CVE-2017-2949, CVE-2017-2959, CVE-2017-2966).
These updates resolve buffer overflow vulnerabilities that could lead
to code execution (CVE-2017-2948, CVE-2017-2952).
These updates resolve memory corruption vulnerabilities that could
lead to code execution (CVE-2017-2939, CVE-2017-2940, CVE-2017-2941,
CVE-2017-2943, CVE-2017-2944, CVE-2017-2953, CVE-2017-2954,
CVE-2017-2960, CVE-2017-2963, CVE-2017-2964, CVE-2017-2965,
CVE-2017-2967).
These updates resolve a security bypass vulnerability (CVE-2017-2947).
Acknowledgements
Adobe would like to thank the following individuals and organizations for
reporting the relevant issues and for working with Adobe to help protect
our customers:
Jaanus Kääp of Clarified Security (CVE-2017-2939)
kelvinwang of Tencent PC Manager (CVE-2017-2955, CVE-2017-2956,
CVE-2017-2957, CVE-2017-2958)
Steven Seeley of Source Incite working with Trend Micro's Zero Day
Initiative and Kushal Arvind Shah of Fortinet's FortiGuard Labs
(CVE-2017-2946)
Sebastian Apelt (siberas) working with Trend Micro's Zero Day Initiative
(CVE-2017-2961, CVE-2017-2967)
Ke Liu of Tencent's Xuanwu LAB (CVE-2017-2940, CVE-2017-2942,
CVE-2017-2943, CVE-2017-2944, CVE-2017-2945, CVE-2017-2952,
CVE-2017-2953, CVE-2017-2954)
kdot working with Trend Micro's Zero Day Initiative (CVE-2017-2941)
Nicolas Grgoire (Agarri) working with Trend Micro's Zero Day Initiative
(CVE-2017-2962)
Nicolas Grégoire - Agarri working with iDefense Vulnerability
Contributor Program (CVE-2017-2948)
Anonymous working with Trend Micro's Zero Day Initiative (CVE-2017-2950,
CVE-2017-2951)
Ke Liu of Tencent's Xuanwu LAB working with Trend Micro's Zero Day
Initiative (CVE-2017-2959, CVE-2017-2960, CVE-2017-2963, CVE-2017-2964,
CVE-2017-2965, CVE-2017-2966)
Wei Lei and Liu Yang of Nanyang Technological University and Anonymous
working with Trend Micro's Zero Day Initiative (CVE-2017-2949)
Alex Inführ of Cure53.de (CVE-2017-2947)
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
http://www.auscert.org.au/render.html?cid=1980
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQIVAwUBWHWdKIx+lLeg9Ub1AQgjaBAAkuLFDiGLR+G/JGum+zsouLAZ53NIPuXq
s8mxbMQO02aCrT54HEQO7qXi7k3rd3aCeynE5pMPrlbAgz1fM1IDZEMnmmgh1VTS
uX3Odms59LXHuBB4ZMrX+XcHqDbjmEzK6wdGRTlVbeItZK+HrVj5C4BL/9BA/4qK
I6Lf/zmGLaioaj33GFUlawhhSVRB3X2mO+1KcB8bW9WpsKUyaYH4BStHJ3e93bX/
CZqDK20dZDnZ/5wsH4Ces3DQ0hV41rOt4cjY4rUG4GBKHDr2cf/k15AJMawj8sln
XO1o3WUwAHM9nhR8uBSMmtA4sTwmyvDvHIrvpgOEjKU8haEnanxTVcZpafOwxtUB
+G+2QKnyUBbIhSmNT3WU/LS8Mms6m/93jXNWy7Zg1AzYMhkZqDwXClQ+GZpQxg5B
EouYGFd38D04bnYUe2AhnA1RIQJ2DmQWMEsli5ThJqa1CZDvlY5kBPt7R1frJSXD
3ukgLP1eU/pDvTfJuqoCm+q1Nl8rKRTPBmHP/VdanKiFqlop0nwDaVFpPXuykGHB
sqGcFHh/gSV89jKLApp+SWeyvJ0mpy1ZJ4A/tQKE22GjqEZznhWK75lXvIC9hKNM
x5JZmSpj9j7o75PDkogEJhinh/va8qAW7gW3fK6J2T3rDyd7p87TvpsXFlRLxDCb
woexS5oRms4=
=+TRR
-----END PGP SIGNATURE-----