Zscaler Security Advisories

Security Advisory - January 19, 2016

Zscaler Protects against Multiple Security Vulnerabilities in Adobe Acrobat Reader

Zscaler, working with Microsoft through their MAPP program, has deployed protections for the following 8 vulnerabilities included in the January 2016 Adobe security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the January release and deploy additional protections as necessary.

APSB16-02 – Security updates available for Acrobat Reader

Severity: Critical
Affected Software

  • Acrobat DC 15.009.20077 and earlier versions
  • Acrobat Reader DC 15.009.20077 and earlier versions
  • Acrobat DC 15.006.30097 and earlier versions
  • Acrobat Reader DC 15.006.30097 and earlier versions
  • Acrobat XI 11.0.13 and earlier versions
  • Reader XI 11.0.13 and earlier versions

CVE-2016-0931 – Acrobat Reader Memory Corruption Vulnerability

CVE-2016-0933 – Acrobat Reader Memory Corruption Vulnerability

CVE-2016-0937 – Acrobat Reader Use After Free Vulnerability

CVE-2016-0940 – Acrobat Reader Use After Free Vulnerability

CVE-2016-0941 – Acrobat Reader Use After Free Vulnerability

CVE-2016-0943 – Acrobat Reader Security Bypass Vulnerability

CVE-2016-0944 – Acrobat Reader Memory Corruption Vulnerability

CVE-2016-0947 – Acrobat Reader Uncontrolled Search Path Element Vulnerability

Description: Adobe has released security updates for Adobe Acrobat and Reader for Windows and Macintosh. These updates address critical vulnerabilities that could potentially allow an attacker to take control of the affected system.