I have the latest Adobe reader and made sure the settings allowed for opening of PDFs from the internet. We're all just other Mac users here, trying to help each other find solutions. My online tax return & the support team ensured that it would work on a Mac..aspx pages are equivalent to.php or.jsp - they are the. The Winmail.dat Reader free online version was developed for Mac, Linux, iPad, iPhone, Android, Blackberry (and so on) users who received Winmail.dat attachments files sent by MS Outlook and MS Exchange.
Security Updates available for Adobe Reader and Acrobat
Release date: May 12, 2015
Vulnerability identifier: APSB15-10
Priority: See table below
CVE Numbers: CVE-2014-8452, CVE-2014-9160, CVE-2014-9161, CVE-2015-3046, CVE-2015-3047, CVE-2015-3048, CVE-2015-3049, CVE-2015-3050, CVE-2015-3051, CVE-2015-3052, CVE-2015-3053, CVE-2015-3054, CVE-2015-3055, CVE-2015-3056, CVE-2015-3057, CVE-2015-3058, CVE-2015-3059, CVE-2015-3060, CVE-2015-3061, CVE-2015-3062, CVE-2015-3063, CVE-2015-3064, CVE-2015-3065, CVE-2015-3066, CVE-2015-3067, CVE-2015-3068, CVE-2015-3069, CVE-2015-3070, CVE-2015-3071, CVE-2015-3072, CVE-2015-3073, CVE-2015-3074, CVE-2015-3075, CVE-2015-3076
Platform: Windows and Macintosh
Adobe has released security updates for Adobe Reader and Acrobat for Windows and Macintosh. These updates address vulnerabilities that could potentially allow an attacker to take over the affected system. Adobe recommends users update their product installations to the latest versions:
Users of Adobe Reader XI (11.0.10) and earlier versions should update to version 11.0.11.
Users of Adobe Reader X (10.1.13) and earlier versions should update to version 10.1.14.
Users of Adobe Acrobat XI (11.0.10) and earlier versions should update to version 11.0.11.
Users of Adobe Acrobat X (10.1.13) and earlier versions should update to version 10.1.14.
Adobe Reader XI (11.0.10) and earlier 11.x versions
Adobe Reader X (10.1.13) and earlier 10.x versions
Adobe Acrobat XI (11.0.10) and earlier 11.x versions
- Adobe Acrobat X (10.1.13) and earlier 10.x versions
Note: Adobe Acrobat Reader DC is not affected by the CVEs references in this bulletin.
Adobe recommends users update their software installations by following the instructions below:
Adobe Reader
The product's default update mechanism is set to run automatic update checks on a regular schedule. Update checks can be manually activated by choosing Help > Check for Updates.
Adobe Reader users on Windows can find the appropriate update here: http://www.adobe.com/support/downloads/product.jsp?product=10&platform=Windows
Adobe Reader users on Macintosh can find the appropriate update here: http://www.adobe.com/support/downloads/product.jsp?product=10&platform=Macintosh
Adobe Acrobat
The product's default update mechanism is set to run automatic update checks on a regular schedule. Update checks can be manually activated by choosing Help > Check for Updates.
Acrobat Standard and Pro users on Windows can find the appropriate update here: http://www.adobe.com/support/downloads/product.jsp?product=1&platform=Windows
Acrobat Pro users on Macintosh can find the appropriate update here: http://www.adobe.com/support/downloads/product.jsp?product=1&platform=Macintosh
Adobe categorizes these updates with the following priority ratings and recommends users update their installations to the newest versions:
| Product | Updated Version | Platform | Priority rating |
|---|---|---|---|
| Adobe Reader | 11.0.11 | Windows and Macintosh | 1 |
| 10.1.14 | Windows and Macintosh | 1 | |
| Adobe Acrobat | 11.0.11 | Windows and Macintosh | 1 |
| 10.1.14 | Windows and Macintosh | 1 |
These updates address critical vulnerabilities in the software.
Adobe has released security updates for Adobe Reader and Acrobat for Windows and Macintosh. These updates address vulnerabilities that could potentially allow an attacker to take over the affected system. Adobe recommends users update their product installations to the latest versions:
Users of Adobe Reader XI (11.0.10) and earlier versions should update to version 11.0.11.
Users of Adobe Reader X (10.1.13) and earlier versions should update to version 10.1.14.
Users of Adobe Acrobat XI (11.0.10) and earlier versions should update to version 11.0.11.
Users of Adobe Acrobat X (10.1.13) and earlier versions should update to version 10.1.14.
Sony Reader For Mac
These updates resolve use-after-free vulnerabilities that could lead to code execution (CVE-2015-3053, CVE-2015-3054, CVE-2015-3055, CVE-2015-3059, CVE-2015-3075).
Kindle Reader For Mac
These updates resolve heap-based buffer overflow vulnerabilities that could lead to code execution (CVE-2014-9160).
Free Adobe Reader For Mac
These updates resolve a buffer overflow vulnerability that could lead to code execution (CVE-2015-3048).
These updates resolve memory corruption vulnerabilities that could lead to code execution (CVE-2014-9161, CVE-2015-3046, CVE-2015-3049, CVE-2015-3050, CVE-2015-3051, CVE-2015-3052, CVE-2015-3056, CVE-2015-3057, CVE-2015-3070, CVE-2015-3076).
These updates resolve a memory leak (CVE-2015-3058).
Acrobat Reader For Mac
These updates resolve various methods to bypass restrictions on Javascript API execution (CVE-2015-3060, CVE-2015-3061, CVE-2015-3062, CVE-2015-3063, CVE-2015-3064, CVE-2015-3065, CVE-2015-3066, CVE-2015-3067, CVE-2015-3068, CVE-2015-3069, CVE-2015-3071, CVE-2015-3072, CVE-2015-3073, CVE-2015-3074).
These updates resolves a null-pointer dereference issue that could lead to a denial-of-service condition (CVE-2015-3047).
These updates provide additional hardening to protect against CVE-2014-8452, a vulnerability in the handling of XML external entities that could lead to information disclosure.
Adobe would like to thank the following individuals and organizations for reporting the relevant issues and for working with Adobe to help protect our customers:
AbdulAziz Hariri of HP Zero Day Initiative (CVE-2015-3053, CVE-2015-3055, CVE-2015-3057, CVE-2015-3058, CVE-2015-3065, CVE-2015-3066, CVE-2015-3067, CVE-2015-3068, CVE-2015-3071, CVE-2015-3072, CVE-2015-3073)
Alex Inführ of Cure53.de (CVE-2014-8452, CVE-2015-3076)
Anonymously reported through Beyond Security's SecuriTeam Secure Disclosure (CVE-2015-3075)
bilou, working with HP Zero Day Initiative (CVE-2015-3059)
Brian Gorenc of HP Zero Day Initiative (CVE-2015-3054, CVE-2015-3056, CVE-2015-3061, CVE-2015-3063, CVE-2015-3064)
Dave Weinstein of HP Zero Day Initiative (CVE-2015-3069)
instruder of Alibaba Security Research Team (CVE-2015-3070)
lokihardt@asrt working with HP's Zero Day Initiative (CVE-2015-3074)
Mateusz Jurczyk of Google Project Zero (CVE-2015-3049, CVE-2015-3050, CVE-2015-3051, CVE-2015-3052)
Mateusz Jurczyk of Google Project Zero and Gynvael Coldwind of Google Security Team (CVE-2014-9160, CVE-2014-9161)
Simon Zuckerbraun working with HP Zero Day Initiative (CVE-2015-3060, CVE-2015-3062)
Wei Lei, as well as Wu Hongjun and Wang Jing of Nanyang Technological University (CVE-2015-3047)
Wei Lei, as well as Wu Hongjun of Nanyang Technological University (CVE-2015-3046)
Xiaoning Li of Intel Labs and Haifei Li of McAfee Labs IPS Team (CVE-2015-3048)
Upgraded from 10.4.11 to 10.5.6 then thru software updates on to 10.5.8 this weekend. All went well except for a glitch in Mail that I fixed by deleting p.list and editing outgoing Smtp server. My new problem is I went to download my bank statement which always in in PDF format and it downloaded fine, except the file extension is now a .jsp. Do I need to reset something inside preferences? I am mystified. The bank has made no changes to their format. Preview still opens PDF files. Any help is appreciated.