On September 19, 2018, Adobe released security updates for Acrobat/Reader [1] to fix several critical vulnerabilities. ISC strongly recommends that users with Acrobat/Reader that are not configured to auto-update manually update their installations as soon as possible. These vulnerabilities can lead to remote-code execution and should be remediated as quickly as possible.
Systems managed by ISC's IBM Endpoint Manager ("BigFix") can expect to be patched for this vulnerability shortly. Systems administrators of other endpoint management solutions are strongly encouraged to push this patch to their deployments.
Adobe states that, by default, Acrobat Reader should update automatically when updates are available.
To download the latest version of Acrobat Reader manually:
http://get.adobe.com/reader
For information about these security bulletins:
[1] https://helpx.adobe.com/security/products/acrobat/apsb18-34.html
View All Alerts & Outages