Adobe Reader Changelog

New in version 9.4.6

November 8th, 2011
  • Several security vulnerabilities were resolved.
  • These vulnerabilities could cause the application to crash and potentially allow an attacker to take control of the affected system.
  • The vulnerabilities addressed are CVE-2011-1353, CVE-2011-2431, CVE-2011-2432, CVE-2011-2433, CVE-2011-2434, CVE-2011-2435, CVE-2011-2436, CVE-2011-2437, CVE-2011-2438, CVE-2011-2439, CVE-2011-2440, CVE-2011-2441, and CVE-2011-2442.

New in version 9.4.2 (March 14th, 2011)

  • Many critical security vulnerabilities were resolved.
  • Several of these could cause the application to crash and potentially allow remote execution of code.
  • Furthermore, the Adobe Flash Player fixes noted in the Security Bulletin APSB11-02 were incorporated.

New in version 9.4 (October 6th, 2010)

  • Critical vulnerabilities have been identified in Adobe Reader 9.3.4 (and earlier versions) for Windows, Macintosh and UNIX, Adobe Acrobat 9.3.4 (and earlier versions) for Windows and Macintosh, and Adobe Reader 8.2.4 (and earlier versions) and Adobe Acrobat 8.2.4 (and earlier versions) for Windows and Macintosh. These vulnerabilities, including CVE-2010-2883, referenced in Security Advisory APSA10-02, and CVE-2010-2884 referenced in the Adobe Flash Player Security Bulletin APSB10-22, could cause the application to crash and could potentially allow an attacker to take control of the affected system.
  • Adobe recommends users of Adobe Reader 9.3.4 and earlier versions for Windows, Macintosh and UNIX update to Adobe Reader 9.4. (For Adobe Reader users on Windows and Macintosh, who cannot update to Adobe Reader 9.4, Adobe has provided the Adobe Reader 8.2.5 update.) Adobe recommends users of Adobe Acrobat 9.3.4 and earlier versions for Windows and Macintosh update to Adobe Acrobat 9.4. Adobe recommends users of Adobe Acrobat 8.2.4 and earlier versions for Windows and Macintosh update to Adobe Acrobat 8.2.5.
  • Note that the October 5, 2010 updates represent an accelerated release of the next quarterly security update originally scheduled for October 12, 2010. With this accelerated schedule, Adobe will not release additional updates for Adobe Reader and Acrobat on October 12, 2010. The next quarterly security updates for Adobe Reader and Acrobat are scheduled for February 8, 2011.

New in version 9.3.4 (August 20th, 2010)

  • Critical vulnerabilities have been identified in Adobe Reader 9.3.3 (and earlier versions) for Windows, Macintosh and UNIX, Adobe Acrobat 9.3.3 (and earlier versions) for Windows and Macintosh, and Adobe Reader 8.2.3 (and earlier versions) and Adobe Acrobat 8.2.3 (and earlier versions) for Windows and Macintosh. These vulnerabilities could cause the application to crash and could potentially allow an attacker to take control of the affected system.
  • These updates address CVE-2010-2862, which was discussed at the Black Hat USA 2010 security conference on Wednesday, July 28, 2010. They also incorporate the Adobe Flash Player update as noted in Security Bulletin APSB10-16.
  • Adobe recommends users of Adobe Reader 9.3.3 and earlier versions for Windows, Macintosh and UNIX update to Adobe Reader 9.3.4. (For Adobe Reader users on Windows and Macintosh, who cannot update to Adobe Reader 9.3.4, Adobe has provided the Adobe Reader 8.2.4 update.) Adobe recommends users of Adobe Acrobat 9.3.3 and earlier versions for Windows and Macintosh update to Adobe Acrobat 9.3.4. Adobe recommends users of Adobe Acrobat 8.2.3 and earlier versions for Windows and Macintosh update to Adobe Acrobat 8.2.4.
  • Note that today's updates mentioned in this bulletin represent an out-of-cycle release. The next quarterly security updates for Adobe Reader and Acrobat is scheduled for October 12, 2010.

New in version 9.3.3 (June 30th, 2010)

  • Critical vulnerabilities have been identified in Adobe Reader 9.3.2 (and earlier versions) for Windows, Macintosh and UNIX, Adobe Acrobat 9.3.2 (and earlier versions) for Windows and Macintosh, and Adobe Reader 8.2.2 (and earlier versions) and Adobe Acrobat 8.2.2 (and earlier versions) for Windows and Macintosh. These vulnerabilities, including CVE-2010-1297 referenced in Security Advisory APSA10-01, could cause the application to crash and could potentially allow an attacker to take control of the affected system.
  • Adobe recommends users of Adobe Reader 9.3.2 and earlier versions for Windows, Macintosh and UNIX update to Adobe Reader 9.3.3. (For Adobe Reader users on Windows and Macintosh, who cannot update to Adobe Reader 9.3.3, Adobe has provided the Adobe Reader 8.2.3 update.) Adobe recommends users of Adobe Acrobat 9.3.2 and earlier versions for Windows and Macintosh update to Adobe Acrobat 9.3.3. Adobe recommends users of Adobe Acrobat 8.2.2 and earlier versions for Windows and Macintosh update to Adobe Acrobat 8.2.3.
  • This update resolves a memory corruption vulnerability that could lead to code execution (CVE-2010-1297).
  • Note: There are reports that this issue is being actively exploited in the wild.
  • This update mitigates a social engineering attack that could lead to code execution (CVE-2010-1240).
  • This update resolves an invalid pointer vulnerability that could lead to code execution (CVE-2010-1285).
  • This update resolves a memory corruption vulnerability that could lead to code execution (CVE-2010-1295).
  • This update resolves an invalid pointer vulnerability that could lead to code execution (CVE-2010-2168).
  • This update resolves an invalid pointer vulnerability that could lead to code execution (CVE-2010-2201).
  • This update resolves a memory corruption vulnerability that could lead to code execution (CVE-2010-2202).
  • This update resolves a UNIX-only memory corruption vulnerability that could lead to code execution (CVE-2010-2203).
  • This update resolves a denial of service vulnerability; arbitrary code execution has not been demonstrated, but may be possible (CVE-2010-2204).
  • This update resolves an uninitialized memory vulnerability that could lead to code execution (CVE-2010-2205).
  • This update resolves an array-indexing error vulnerability that could lead to code execution (CVE-2010-2206).
  • This update resolves a memory corruption vulnerability that could lead to code execution (CVE-2010-2207).
  • This update resolves a dereference deleted heap object vulnerability that could lead to code execution (CVE-2010-2208).
  • This update resolves a memory corruption vulnerability that could lead to code execution (CVE-2010-2209).
  • This update resolves a memory corruption vulnerability that could lead to code execution (CVE-2010-2210).
  • This update resolves a memory corruption vulnerability that could lead to code execution (CVE-2010-2211).
  • This update resolves a memory corruption vulnerability that could lead to code execution (CVE-2010-2212).

New in version 9.3.2 (April 14th, 2010)

  • PDF Maker:
  • Word document uploaded on the acrobat.com service runs into a timeout situation
  • Viewer:
  • Loading pdf multiple times in same process caused memory leak in windows browsers
  • Security:
  • Watermark visibility remains unchanged for a policy protected document (with watermark) when using it as background or foreground
  • Long term validation data for the OSCP response is not being embedded in the signature at signing time which results in invalid signatures that should be valid.
  • PPKlite plugin crashes when validating digital signatures
  • 3D:
  • Reader in the browser crashes when viewing some PDF files
  • Performance degradation experienced after setting preferences to "Render points as cross-hairs when opening a PDF file
  • Trust Manager:
  • A PDF file trusted for Javascript still shows the Yellow bar and does not execute the javascript
  • When a PDF is added as a privileged location in Enhanced Security, Acrobat deletes the entry 'cAlwaysTrustedForJavaScript' under Key-\TrustManager\cTrustedFolders\
  • Adding a privileged location host from the Options button on the JavaScript injection Yellow Message Bar populates 1/2 of the privileged location keys it should.
  • bDisableTrustedSites and bDisableTrusted folders does not consistently prevent Options button from appearing on Yellow Message Bar for certain workflows.
  • Reader removes the “cAlwaysTrustedForJavaScript” value and places it in the “cUnsafeJavaScript” key with the same value when the same exact web site value is place in the Trusted Hosts UI for Enhanced Security

New in version 9.2 (October 14th, 2009)

  • Adobe Reader and Acrobat 9.2 software address a number of customer workflow issues and security vulnerabilities while providing more stability. Adobe always recommends that you install the latest updates.

New in version 8.1.3 (November 9th, 2008)

  • Product Area: 3D:
  • 1751883: Incorrect Radial measurement result when using "3D Snap to Radial Edges"
  • With certain 3D objects, the ?3D Snap to Radial Edges? would convert inches to millimeters, but incorrectly display ?inches?. This has been corrected. Root: fixes an issue found in version 8.1.2.
  • 1802448: Using ZoomToPart or FitVisible on a point model in perspective or orthographic view issue
  • The issue seen with a point model shown in perspective or orthographic view, when using ZoomtoPart or FitVisible has been resolved.Root: fixes an issue found in version 8.1.2.
  • Product Area: Forms:
  • 1576839: xfa.host.currentPage method does not immediately return to first page when direct rendering is on
  • With direct rendering enabled (note: this issue did not present itself when direct rendering was not enabled), the xfa.host.currentPage method would not return to the first page. This issue has been resolved.Root: issue found in 8.1.
  • 1648897: Scrolling through a dynamic form with large character offsets could cause crash
  • With large character offset values, an instability could result when scrolling though a dynamic form causing a possible crash. This issue has been resolved. Root: Fixes issue found in previous versions of 8.1.x.
  • 1832136: Tabbing may not visit all objects in bar code forms under direct render
  • An issue was found where tabbing would circulate through several objects without visiting all objects in a form containing a bar code with direct rendering enabled. The issue has been resolved. Root: Fixes issue found in 8.1.2.
  • 1571474: Unable to select checkbox after data has been merged
  • When merging invalid data into a checkbox field on a dynamic form using LiveCycle Forms or through Acrobat, the field will become un-checkable when using Adobe Reader 8.1 with direct rendering enabled. This issue has been resolved Root: Fixes issue found in 8.1.
  • 1573664: Form layout distortion with English Reader on simplified Chinese operating system
  • When direct rendering is enabled, some form layouts were distorted with English Reader on simplified Chinese operating system. Root: Fixes issue found in 8.1.
  • 1570890: Extra white pages added to end of document with direct rendering enabled
  • In some cases with direct rendering enabled, extra blank pages were added to the end of the document upon opening. This issue has been resolved. Root: Fixes issue found in 8.1.2.
  • 1817672: Still able to select checkbox and radio buttons that are set to readOnly with direct rendering on
  • With direct rendering enabled, checkboxes and radio buttons that were set to readOnly are now being enforced correctly.Root: Fixes issue found in 8.1.2.
  • 1863460: Copying a large amount of data into a multiline text field could cause crash
  • With direct rendering enabled, copying a large amount of data into a multiline text field could cause Reader to crash. This issue has been resolved.Root: Fixes issue found in 8.1.2.
  • 1816272: Drop down list shows scroll bar when direct rendering enabled
  • Drop down lists that incorrectly show a scroll bar when direct rendering is enabled has been resolved.Root: Fixes issue found in 8.1.2.
  • 1786212: Script written to change the comb property of a text field to true fails when direct rendering is enabled
  • With direct rendering enabled, the comb feature (the separation of letters into distinct fields) was failing. This issue has been resolved.Root: Fixes issue found in 8.1.2.
  • 1574683: vScrollPolicy = "off" could cause crash
  • The issue of using single-key accelerators to access tools (enabled) on a form that has vScrollPolicy set to OFF causing possible crashes has been resolved.Root: Fixes issue found in 8.1.
  • 1803776: Opening particular XFA files that have Text Formatting set to 'Legacy Version 6' can crash Acrobat and Reader 8.1.2 upon open
  • This issue has been resolved.Root: Fixes issue found in 8.1.2.
  • 1636801: LiveCycle Compatibility Warning: File submission taking much longer with stand alone than if in browser plug-in
  • A partial fix that improves the speed was implemented in Reader 8.1.3 but there is a limit to the size of the submission allowed. The limit is machine dependent but the upper limit is around 128 MB. A complete fix, which eliminates this limit, is implemented in Reader 9.0Root: Fixes issue found in 8.1.2.
  • 1568955: Some drop-down list items do not show up in dynamic forms with direct rendering enabled
  • In some cases, drop-down list items would not show up in dynamic forms with direct rendering enabled. This issue has been resolved.Root: Fixes issue found in 8.1.
  • 1566024: Drop-down list arrow is missing on small sizes
  • In some cases, when small sizes are used, the arrow signifying a drop-down list could be missing. This issue has been resolved.Root: Fixes issue found in 8.1
  • 1569778: Cannot type the first letter of a value in a drop-down list and get the value auto-selected
  • The ability to type the first letter of an item in a drop-down list and have it auto-selected has been resolved. Root: Fixes issue found in 8.1
  • 1609001: Read-only field appears interactive using a Chinese locale
  • fields marked readOnly for Chinese locales are now enforced correctly.Root: Fixes issue found in 8.1
  • 1637089: Overflow characters used incorrectly in some text boxes
  • When text does not fit into a field, overflow characters (e.g. ?+?) are used to express this scenario. The issue of displaying these characters even when the text could fit has been resolved. Root: Fixes issue found in 8.1.2.
  • 1829593: Hebrew fonts not displaying properly in some dynamic forms
  • The issue of not displaying some Hebrew fonts in dynamic forms incorrectly has been resolved.Root: Fixes issue found in 8.1.2.
  • 1677172: LiveCycle Compatibility Warning: Form with signatures takes longer to open in Acrobat 8.x, 9.x than when opened in 7.x
  • If the form was designed with Designer 7 or earlier and used scripting to lock fields after signing and if care was not taken with the handling of the lists of locked fields, the locking code could become very slow as the form was re-opened. As a work-around, Reader 8.1.3 and later implement a control in the node in a template named which controls when signatures are automatically validated. This solution is not recommended for most cases. Instead, form authors should use MDP+ signatures and field locking as provided in Designer 8 and later.Root: Fixes issue found in 8
  • 1570212 Multiple selection listbox does not keep items selected when focus leaves field
  • This issue has been resolved.Root: Fixes issue found in 8.1.
  • 1638325 "Software Error" after adding, and removing sub-forms
  • In some cases, end-users could get a ?Software Error? message after adding and removing sub-forms. This issue has been resolved. Root: Fixes issue found in 8.1.1.
  • 1581377 When using .applyXSL() to apply, extended characters can be corrupted
  • When using the SOM expression .applyXSL() to transform some XSL which includes extended characters, the extended characters are not encoded properly. This issue has been resolved.Root: Fixes issue found in 8.1.
  • 1684847 LiveCycle Compatibility Warning: When executing saveXML() from within the Form context, the data description for the form is not observed
  • If the script xfa.data.saveXML() is executed, it does not honor the main form data description.If a form contains an XFA Data Description it is possible for that form to nominate certain data elements to be excluded if their value is NULL. This exclusion of the null data nodes worked correctly in Acrobat 7.X, however a bug was introduced in Acrobat 8.0 where the saveXML() script function stopped respecting this special processing of NULL data nodes. This problem has been corrected in Acrobat 8.1.3 and Acrobat 9. Root: Fixes issue found in 8.0.
  • 1799353: LiveCycle Compatibility Warning: Resaving form in Designer 8.2 breaks scripting against instancemanager.count property:
  • Resaving form in Designer 8.2 breaks scripting against instancemanager.count property. Saving an existing PDF form (that was saved in LiveCycle Designer 8.1) in Designer 8.2.1 can potentially cause migration or compatibility issues. See 1684847. Root: Fixes issue found in 8.1.2.
  • Product Area: Misc:
  • 1660217 Performance issues with PDFs protected by LiveCycle Rights Management with policies containing dynamic watermark
  • performance enhancements were made on PDFs that are protected by LiveCycle Rights Management when containing policies with dynamic watermarks. Root: Fixes issue found in 8.0.
  • 1696518 Preflight Droplets are non-functional on Mac platform in 8.1.2
  • This issue has been resolved Root: Fixes issue found in 8.0.
  • 1721620 Redaction overlay text is disappearing on scanned documents of text
  • After using OCR scanning on a document and then later redacting content, sometimes the redaction overlay would not be visible. This issue has been resolved. Root: Fixes issue found in 8.1.
  • 1872153 Figure in flow chart cannot be indexed or searched
  • Searching for terms in a flow chart figure gave erroneous results. This issue has been resolved. Root: fixes an issue found in version 8.1.1.
  • 1593025 An Explicit Mask on a Type 3 Image is erroneously applied to the next image
  • The issue of a mask being applied to more than the desired image has been resolved. Root: fixes an issue found in version 8.1.2.
  • 1692937 JS Print routine can return an uninitialized value
  • If you use the JS routine doc.Print and pass a print params object, you will get an uninitialized bool return value. This issue has been resolved. Root: fixes an issue found in version 8.1.2.
  • 1673676: LiveCycle Compatibility Warning: Net.HTTP.request() is not a privileged only JavaScript as advertized in our JavaScript manual
  • PDF files or forms which use this function may cease to function properly unless the form is modified. Refer to the Acrobat 8 JavaScript Manual for details on executing privileged functions. Root: Documentation.
  • Product Area: PDF Maker:
  • 1864744: PDF not getting created from right click menu on a Microsoft Word document using Acrobat 8 3D in 8.1.2
  • This issue has been resolved. Root: Fixes issue found in 8.1.2.
  • 1852690: Files in Microsoft Outlook Temporary folder fail to get deleted automatically on closing Outlook
  • This issue has been resolved. Root: Fixes issue found in 8.1.2.
  • 1806716: French language PDF Maker improperly maps heading to tags in resulting PDF
  • When converting Microsoft Word documents into accessible PDFs with the French PDF Maker, ?Titre1?, ?Titre2?, etc. tags were becoming ?? tags instead of ??, ??, etc. tags. This issue has been resolved.Root: Fixes issue found in 8.
  • 1770546: Word document is timing out when Acrobat 8.1.2 PDF Maker is used with Office XP SP3 or Office 2003 SP3
  • This issue has been resolved.Root: Fixes issue found in 8.1.2.
  • Product Area: Printing:
  • 1606132 When printing with print icon in browser, pages are not printed
  • This issue was found on Microsoft Internet Explorer and fixed.Root: Fixes issue found in 8.1.
  • 1810668 Memory leak while printing large document with images
  • When a large document is exported to a PostScript, or sent to a printer for printing "An error exists on this page. Acrobat may not display the page correctly. Please contact the person who created the PDF document to correct the problem" can occur. This problem was encountered on certain documents with a large number of monochrome images, but has been rectified in 8.1.3.Root: Fixes issue found in 8.1.2.
  • 1755163 Issue printing multiple documents using the windows context menu option
  • When printing multiple documents from the windows context menu option, Reader would launch multiple instances for each document. If you were to subsequently check the print queue, there would be some documents missing. This issue has been resolved.Root: Fixes issue found in 7 and 8.
  • 1686542 Acrobat was experiencing possible crashes when printing some PDFs that contained a watermark with an opacity of less than 100% with a PCL 5 or PCL 6 printer driver
  • This issue has been resolved.Root: Fixes issue found in 8.1.
  • 1511404 PostScript Error while Printing to Phaser PS 3 Printers:
  • This issue has been resolved as experienced on 6350, 6200 and 7300 printers.Root Fixes issue found in 8
  • Product Area: Document Security:
  • 1786972 IndenTrust OCSP validation works differently between Reader and Acrobat 7 and 8
  • Moving towards RFC compliancy caused IdenTrust OCSP validation to require client-side configuration in 8, which was not required in 7. For IdenTrust only, 8.1.3 will fall back to the 7 behavior.Root: Fixes issue found in 8
  • 1640821 'Incorrect type encountered during signing ' error signing the OCSP request using the IdenTrust utility credential
  • For IdenTrust, the OCSP request is signed using the utility credential present in the Microsoft credential store. There was an issue signing the OCSP request and as a result revocation checking failed. This has been resolved.Root: Fixes issue found in 8.1.2.
  • 1667014 Signing dynamic form takes longer in 8.1.x Reader then it does in 7.0.9
  • This issue has been resolved.Root: Fixes issue found in 8.1.
  • 1590630 Reader extended documents no longer work after saving from browser when using embed tag
  • Reader 8.1 fails to save Reader Extended PDFs that have multiple pages and that are displayed within a web page in Microsoft Internet Explorer using the tag. This issue has been resolved.Root: Fixes issue found in 8.1.
  • Product Area: Viewer:
  • 1682115 Crash clicking link and Previous Page View button with a file that contains a PDF Package
  • It was possible to create a crash when clicking links within documents mixed with navigation controls on packages. This has been resolved.Root: Fixes issue found in 8.1.1.
  • 1779691 With direct rendering enabled, it was possible to create a crash by clicking the print button while processing a preprint event
  • This issue has been resolved.Root: Fixes issue found in 8.1.2.
  • 1586075 Reader locks up if user checks dialog box to suppress security warning
  • With Microsoft Internet Explorer 6, it was possible to create a situation where Reader could not resolve an operation after encountering the suppression of a security dialog. This has been resolved.Root: Fixes issue found in 8.1.
  • 1637537 Acrobat crashes when JavaScript used to add and apply signature in Microsoft Internet Explorer 6 or 7
  • It as possible to create a crash if JavaScript was used to add and sign a field. This has been corrected.Root: Fixes issue found in 8.1.1.
  • 1622204 Security Warning message is displayed at preview before PDF buttons are displayed in the browser
  • Performing a preview with Designer would display a security warning message prematurely. This has been resolved.Root: Fixes issue found in 8.1.
  • 1546012 IAC api fix for AVDoc::Open()
  • The behavior of one of the apis in the OLE Automation interfaces changed from version 7. Previously, calling AVDoc.Open() would not show any UI. In Acrobat 8 it now does. This was due to the switch from MDI to SDI, but is now fixed.Root: Fixes issue found in 8