On May 14, 2018, Adobe released security updates for Adobe Acrobat/Reader[1] to fix several critical vulnerabilities. These vulnerabilities can lead to remote-code execution, and should be remediated as quickly as possible.
Systems managed by ISC's IBM Endpoint Manager ("BigFix") can expect to be patched for this vulnerability shortly. Systems administrators of other endpoint management solutions are strongly encouraged to push this patch to their deployments.
For users in unmanaged environments, ISC recommends users update their software installations to the latest versions by following the instructions below.
The latest product versions are available to end users via one of the following methods:
- Users can update their product installations manually by choosing Help > Check for Updates.
- By default, the products will update automatically, without requiring user intervention, when updates are detected.
- The full Acrobat Reader installer can be downloaded from the Acrobat Reader Download Center[2].
For more information:
[1] https://helpx.adobe.com/security/products/acrobat/apsb18-09.html
[2] http://get.adobe.com/reader