Adobe Reader and Acrobat Critical Security Updates

[Corrine]

Adobe has released security updates for Adobe Reader and Acrobat XI for Windows. These updates address critical vulnerabilities that could potentially allow an attacker to take control of the affected system.

Update checks can be manually activated by choosing Help > Check for Updates.

• Adobe Reader XI (11.0.21, Pro and Standard) for Windows is available here: Adobe - Adobe Reader : For Windows : Adobe Reader 11.0.21 update - All languages.
• Reader DC and other versions are available here: Adobe - Adobe Reader : For Windows.
• Acrobat for Windows update is available here: Adobe - Acrobat : For Windows

Note: UNcheck any pre-checked additional options presented with the update. They are not part of the software update and are completely optional.

Release Notes | Acrobat, Reader
Security Bulletin

 

[Corrine]

Adobe Security Bulletin APSB17-24 for Adobe Acrobat and Reader has been updated to include the availability of new updates as of August 29.

From the blog post:

"The August 29 updates resolve a functional regression with XFA forms functionality that affected some users, as well as provide a resolution to security vulnerability CVE-2017-11223. This CVE was originally addressed in the August 8 updates (versions 2017.012.20093, 2017.011.30059 and 2015.006.30352). Due to a functional regression in those releases, optional hotfixes [0,1,2] were offered to affected customers that temporarily reverted the fix for CVE-2017-11223. The August 29 releases resolve both the functional regression and provide a fix for CVE-2017-11223.

At this time, Adobe is not aware of exploits in the wild for CVE-2017-11223, or any of the other issues addressed in the August 8 or August 29 releases.

References:

[0] Hotfix for 2017.012.20093
[1] Hotfix for 2017.011.30059
[2] Hotfix for 2015.006.30352"

Version 11.0.22 is available at 11.0.22 Out of cycle update, August 22, 2017 — Acrobat and Adobe Reader Release Notes.