Adobe January 2012 Black Tuesday overview

Published: 2012-01-10
Last Updated: 2012-01-10 19:38:39 UTC
by Adrien de Beaupre (Version: 1)
7 comment(s)

Adobe has released 1 bulletin today.

This updates Adobe products to the following versions:

  • Adobe Reader and Acrobat
    • 10.1.1 and previous
# Affected Known Exploits Adobe rating
APSB12-01 Multiple vulnerabilities in the adobe reader and adobe acrobat software allow privilege escalation (windows only) or random code execution.
Reader & Acrobat

Could allow for remote code execution. Update to 10.1.2 or 9.5. Critical

APSB11-30 and APSA11-04 were also updated.

Next scheduled Adobe security update is 10 April 2012.

Adrien de Beaupré

7 comment(s)



On reading the release docs, it appears version 8.3 isn't affected. Anyone else come to that conclusion? Are we finally doing better running and ancient version than the latest?
Looking at the revised bulletin, APSB 11-30, it appears that Linux users need an update also. Under "Affected Software":
Adobe Reader 9.4.6 and earlier 9.x versions for Windows, Macintosh and Linux

Under "Solutions":
Adobe Reader 9.x users on Linux can find the appropriate update here:

Repete - Adobe end of life'd Acrobat 8.x, so there are no patches at all and there wasn't any mention of 8.x in the last security bulletin. Scary times.
After upgrading to 10.1.2 our machines (XP SP3) started duplex printing pdfs by default. After some digging, creating/changing this key fixes the problem:

[HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\10.0\AVGeneral]

Maybe this will help someone else.
Perhaps I've missed something, but it appears to me that it has now been 34 days since the 0-day was announced in Adobe Flash (see and there has yet to be even an acknowledgment from Adobe that they are working on the issue.

NOT iprintBookletDuplexMode
Sorry for the confusion.
It's scheduled to be released two and three quarters days after you've finished patching all your Acrobat Reader installations.

Diary Archives