If you have older versions of Reader or Acrobat (either version 10 or 11), we strongly advise you deploy the updated version right away to protect your computers against the APSB15-10 vulnerability. (There is also a critical update for Adobe Flash [APSB15-09] that has critical security patches. The solutions below can applied the same way.)

See the Adobe Reader Security Bulletin. According to Adobe’s severity ratings page, this vulnerability is rated a Critical Priority 1, which they define as [an] update [that] resolves vulnerabilities being targeted, or which have a higher risk of being targeted, by exploit(s) in the wild for a given product version and platform. Adobe recommends administrators install the update as soon as possible (for example, within 72 hours).

Solutions

Automatic Updates

If update checks are enabled, then the product’s default update mechanism will update to the latest version automatically.

Package Library

Our package library contains two packages that you can silently deploy to all of your machines to protect them against the Adobe Reader Zero-Day.

We do not have a package for Adobe Acrobat, however you can download the latest version from Adobe’s site here, and create your own package with PDQ Deploy.

Uninstall

It might be time to start the migration from Adobe Reader 10 and 11 to Adobe Reader DC. If you have an Enterprise License, you can deploy the Uninstall packages for Reader, and then deploy the Adobe Reader DC Continuous Track (recommended).

Adobe Reader has been through some interesting changes in the last quarterly release. We won’t go into it too much but the Adobe Reader DC comes in two “tracks”: Continuous and Classic.

In a nutshell, the Continuous track has more frequent updates that will include new features as well. The Classic has fewer updates and does not include new features.

If you would like to customize your deployment you would like to make to your deployment of Adobe Reader, be sure to check out this blog post to see how it’s done.