Adobe has issued a Prenotification Security Advisory [APSB11-24] for critical security updates to its Reader and Acrobat software for Windows and Mac OS X. The company plans to release these updates on Tuesday, September 13. According to the advisory, the following versions of the software for Windows and Macintosh are affected:
- Adobe Reader X (10.1) and earlier 10.x versions
- Adobe Reader 9.4.5 and earlier 9.x versions
- Adobe Acrobat X (10.1) and earlier 10.x versions
- Adobe Acrobat 9.4.5 and earlier 9.x versions
- Adobe Acrobat 8.3 and earlier 8.x versions
In a post yesterday on its “Product Security Incident Response Team” [PSIRT] blog, Adobe has described its response to the security breach at DigiNotar, the Dutch Certificate Authority.
We are in the process of removing the DigiNotar Qualified CA certificate from the Adobe Approved Trust List (AATL) and will post an update on this action tomorrow.
The post also includes instructions for manually removing DigiNotar certificates from Reader and Acrobat (this applies only to versions 9.x and higher of these products).
I will post another note here next Tuesday when the security updates have been released.