Adobe Reader 9.1

[Pat Willener]

Adobe Reader 9.1 is available.

Download:
http://download.adobe.com/pub/adobe/reader/win/9.x/9.1/enu/AdbeRdr910_en_US.exe
(English version)
Other languages: ftp://ftp.adobe.com/pub/adobe/reader/win/9.x/9.1/
(click on the appropriate language to get to the download link)


No details are currently available about the nature of this update, but
most likely it fixes the recent security vulnerability
(http://www.adobe.com/support/security/advisories/apsa09-01.html).

 

[Randy Knobloch]

Adobe Reader 9.1 is available.

Download:
http://download.adobe.com/pub/adobe/reader/win/9.x/9.1/enu/AdbeRdr910_en_US.exe
(English version)
Other languages: ftp://ftp.adobe.com/pub/adobe/reader/win/9.x/9.1/
(click on the appropriate language to get to the download link)


No details are currently available about the nature of this update, but
most likely it fixes the recent security vulnerability
(http://www.adobe.com/support/security/advisories/apsa09-01.html).

Thanks, Pat

Uninstalled previous build and re-booted just to be sure I had a clean install.
<rant>
Huge install for third-party software !
Clueless users or the unaware *will* get the Google Toolbar !
</rant>

 

[robinb]

aren't they suppose to be issuing the patch for adobe 9/8 on march 12th?
I guess we have to wait and see
robin

 

[Randy Knobloch]

aren't they suppose to be issuing the patch for adobe 9/8 on march 12th?
I guess we have to wait and see

The patch-update was scheduled for today, Robin.
See advisory as Pat had originally posted >
<http://www.adobe.com/support/security/advisories/apsa09-01.html>

 

[Pat Willener]

See the new Security Bulletin regarding the details of 9.1, as well as
the schedule for 8.x and 7.x:

http://www.adobe.com/support/security/bulletins/apsb09-03.html

 

[Randy Knobloch]

See the new Security Bulletin regarding the details of 9.1, as well as
the schedule for 8.x and 7.x:

http://www.adobe.com/support/security/bulletins/apsb09-03.html

Thanks, Pat - nice to hear from the horse's mouth at last.

 

[Donald Anadell]

Anyone else besides me wondering if it's safe to turn on JavaScript in
Adobe Reader again after this update?

Hi Dave,

If you've installed Adobe Reader version 9.1 you shouldn't have any
reservations about turning JavaScript back on.

http://www.adobe.com/support/security/advisories/apsa09-01.html
Vulnerability identifier: APSA09-01
CVE number: CVE-2009-0658
"Buffer overflow issue in versions 9.0 and earlier of Adobe Reader and
Acrobat"

Adobe Reader version 9.1 resolves the security issue detailed above CVE
number: CVE-2009-0658
http://blogs.adobe.com/psirt/

Good luck,

Donald Anadell

 

[Bill Sanderson]

So at about the time you posted this, I'd just completed patching my
collection of machines for the Microsoft patches.

I sure wish I'd had this one before I began that process--because it is on
every one of them, of course!

My understanding is that this does fix the outstanding security
vulnerability, so everyone using Adobe Reader should watch for updates for
their versions and apply them.

I believe Adobe has said that other versions will be patched by the 18th or
so...

Adobe Reader 9.1 is available.

Download:
http://download.adobe.com/pub/adobe/reader/win/9.x/9.1/enu/AdbeRdr910_en_US.exe
(English version)
Other languages: ftp://ftp.adobe.com/pub/adobe/reader/win/9.x/9.1/ (click
on the appropriate language to get to the download link)


No details are currently available about the nature of this update, but
most likely it fixes the recent security vulnerability
(http://www.adobe.com/support/security/advisories/apsa09-01.html).

--

 

[Bill Sanderson]

two thoughts:

1) there were later reports that indicated that simply turning javascript
off DID NOT mitigate this vulnerability.
2) If you don't need it on, turning it off shouldn't hurt anything. OTOH,
issues like this tend to result in perplexity when you DO need javascript
and have no idea why something is failing, months later.

Anyone else besides me wondering if it's safe to turn on JavaScript in
Adobe Reader again after this update?

"Reports have been published that disabling JavaScript in Adobe Reader and
Acrobat can protect users from this issue. Disabling JavaScript provides
protection against currently known attacks. However, the vulnerability is
not in the scripting engine and, therefore, disabling JavaScript does not
eliminate all risk. Should users choose to disable JavaScript, it can be
accomplished following the instructions below:
1.. Launch Acrobat or Adobe Reader.
2.. Select Edit>Preferences
3.. Select the JavaScript Category
4.. Uncheck the 'Enable Acrobat JavaScript' option
5.. Click OK "
- http://www.adobe.com/support/security/advisories/apsa09-01.html

_

Regards, Dave

--

 

[Pat Willener]

Adobe Acrobat and Reader 9.1 Release Notes:

http://www.adobe.com/go/kb408814

 

[gene]

Adobe Acrobat and Reader 9.1 Release Notes:

http://www.adobe.com/go/kb408814

I note that this is a version 9 issue. I have Acrobat Pro 8.x through
CS3 and they haven't touched that since November.

Gene

 

[Bill Sanderson]

NO--this is not a version 9 issue--it is probably an issue for EVERY version
of Adobe Reader and Acrobat.

Version 9 is just the first version they have issued a fix for--and not all
versions of 9, at that.

I note that this is a version 9 issue. I have Acrobat Pro 8.x through
CS3 and they haven't touched that since November.

Gene

--

 

[Donald Anadell]

I note that this is a version 9 issue. I have Acrobat Pro 8.x through
CS3 and they haven't touched that since November.

http://blogs.adobe.com/psirt/

"We expect updates for Adobe Reader 7 and 8, and Acrobat 7 and 8, to be
available by March 18."

Good luck,

Donald Anadell

 

[gene]

http://blogs.adobe.com/psirt/

"We expect updates for Adobe Reader 7 and 8, and Acrobat 7 and 8, to be
available by March 18."

Thanks. Helpful info.