As expected, Adobe today released a Security Bulletin [APSB11-24] for its Reader and Acrobat software, for the Windows and Mac OS X platforms. The bulletin addresses 13 identified security vulnerabilities, and is rated Critical by Adobe. The following versions of the software are affected:
- Adobe Reader X (10.1) and earlier 10.x versions
- Adobe Reader 9.4.5 and earlier 9.x versions
- Adobe Acrobat X (10.1) and earlier 10.x versions
- Adobe Acrobat 9.4.5 and earlier 9.x versions
- Adobe Acrobat 8.3 and earlier 8.x versions
The updates bring the current version numbers to Adobe Reader X 10.1.1, Reader 9.4.6, and Acrobat 9.4.6. Adobe Reader 9.4.5 for UNIX/Linux is also affected; version 9.4.6 for that platform is scheduled for release November 7, 2011.
You can get the new version of Reader using the products built-in update mechanism (Help -> Check for Updates). You can also download the update, for Windows or Mac OS X, from Adobe’s site. This is an update, not a full installation package, so you must have the previous version already installed. For Acrobat updates, see the links in the Security Bulletin.
I recommend installing the new version as soon as you conveniently can.