The safety alert issued for Adobe Acrobat & Reader has acquired an replace from BSI. You can examine which merchandise are affected by safety holes right here at information.de.
Federal Office for Security in Information Technology (BSI) printed a safety advisory for Adobe Acrobat & Reader on May 14, 2024. The software program accommodates a number of vulnerabilities that might be exploited by attackers. The safety vulnerability impacts the MacOS X and Windows working methods and the merchandise Adobe Acrobat, Adobe Acrobat Reader DC and Adobe Acrobat Reader.
The newest producer suggestions for updates, workarounds and safety patches for this vulnerability will be discovered right here: Adobe Security Bulletin (Stop: 14.05.2024).
Multiple vulnerabilities have been reported for Adobe Acrobat & Reader – Risk: average
Risk degree: 4 (average)
CVSS Base Score: 7.8
CVSS provisional rating: 6,8
Remote assault: No
The Common Vulnerability Scoring System (CVSS) is used to evaluate the vulnerability of pc methods. The CVSS commonplace makes it potential to match potential or precise safety dangers primarily based on numerous metrics to create a precedence checklist for countermeasures. The attributes “none”, “low”, “medium”, “excessive” and “extreme” are used to find out the severity ranges of the vulnerability. The Base Score evaluates the necessities of an assault (together with authentication, complexity, privileges, person interplay) and its outcomes. Temporal scores additionally take note of modifications over time within the danger scenario. According to CVSS, the danger of the vulnerability talked about right here is taken into account “average” with 7.8 foundation factors.
Adobe Acrobat & Reader Bug: Impact of reported vulnerability exploits
Adobe Acrobat is a program for creating and viewing paperwork in Portable Document Format (PDF).Acrobat Reader is a program for viewing paperwork in Portable Document Format (PDF).Adobe Reader is a program for viewing paperwork in Portable Document Format (PDF).
A distant, unknown attacker may exploit a number of vulnerabilities in Adobe Acrobat DC, Adobe Acrobat Reader DC, Adobe Acrobat, and Adobe Acrobat Reader to execute arbitrary code or expose data.
Vulnerabilities are recognized by CVE (Common Vulnerabilities and Exposures) ID numbers. CVE-2024-30279, CVE-2024-30280, CVE-2024-30284, CVE-2024-30310, CVE-2024-30311, CVE-2024-30312, CVE-2024-340-2092, CVE-34092 2024-2092 2024-34096, CVE-2024-34097, CVE-2024-34098, CVE-2024-34099, CVE-2024-34100 and CVE-2024-34101 on the market.
Systems affected by the safety hole at a look
Operating methods
MacOS X, Windows
Products
Adobe Acrobat DC Adobe Acrobat Reader DC Adobe Acrobat Adobe Acrobat Adobe Acrobat Reader Adobe Acrobat Reader
General suggestions for addressing IT safety gaps
- Users of affected methods ought to keep up-to-date. When safety holes are identified, producers are required to repair them rapidly by growing a patch or workaround. When new safety updates can be found, set up them instantly.
- For data, see the sources listed within the subsequent part. This usually accommodates further details about the newest model of the software program in query and the supply of safety patches or efficiency ideas.
- If you might have any additional questions or uncertainties, please contact your accountable administrator. IT safety managers ought to examine each time a producing firm makes a brand new safety replace out there.
Manufacturer details about updates, patches and workarounds
Here you will discover some hyperlinks with details about bug reviews, safety fixes and workarounds.
Adobe Security Bulletin vom 2024-05-14 (14.05.2024)
For extra data, see:
Version historical past of this safety alert
This is model 2 of this IT safety discover for Adobe Acrobat & Reader. If additional updates are introduced, this doc will likely be up to date. You can see the modifications made utilizing the model historical past under.
May 14, 2024 – First model
05/22/2024 – CVE-2024-30279, CVE-2024-30280 added
+++ Editorial observe: This doc relies on present BSI information and will likely be up to date in a data-driven method relying on the standing of the alert. We welcome suggestions and feedback at [email protected]. +++
comply with News.de you’re right here Facebook, Twitter, Pinterest once more YouTube? Here you will discover sizzling information, present movies and a direct line to the editorial workforce.
kns/roj/information.de