All emails with pdf attachments sent after I updated are fine - but every pdf file from an email from before the update is corrupted and cannot be opened. Welcome to the Windows 10 Forums where you can ask questions or find answers on anything related to the new operating system from Microsoft.Addressed potential issues where the application could be exposed to Use-After-Free Remote Code Execution vulnerability due to the use of Annot object which has been freed (ZDI-CAN-4979/ZDI-CAN-4980/ZDI-CAN-4981/ZDI-CAN-5023/ZDI-CAN-5024/ZDI-CAN-5025/ZDI-CAN-5026/ZDI-CAN-5028).
(CVE-2017-17557/ZDI-CAN-5472/ZDI-CAN-5895/ZDI-CAN-5473). Addressed potential issues where the application could be exposed to Use-After-Free vulnerability due to the use of freed object when executing Java Script or invoking certain functions to get object properties, which could be exploited by attackers to execute remote code (CVE-2017-14458/ZDI-CAN-5436/ZDI-CAN-5527/ZDI-CAN-5528/ZDI-CAN-5529/ZDI-CAN-5531/ZDI-CAN-5617/ZDI-CAN-5618/ZDI-CAN-5620/ZDI-CAN-5579/ZDI-CAN-5580/ZDI-CAN-5488/ZDI-CAN-5489/ZDI-CAN-5312/ZDI-CAN-5432/ ZDI-CAN-5433/ZDI-CAN-5434/ZDI-CAN-5435/ZDI-CAN-5568/ZDI-CAN-5491/ZDI-CAN-5379/ZDI-CAN-5382).
Addressed potential issues where the application could be exposed to Uninitialized Memory/Pointer Information Disclosure or Remote Code Execution vulnerabilities due to the use of uninitialized new Uint32Array object or member variables in Print Params or m_p Cur Contex objects (ZDI-CAN-5437/ZDI-CAN-5438/CVE-2018-3842/ ZDI-CAN-5380).
Here is information on some enhancements that make our software even more robust.
Please click here to report a potential security vulnerability.
Steven Seeley (mr_me) of Offensive Security working with Trend Micro's Zero Day Initiative Steven Seeley of Source Incite working with Trend Micro's Zero Day Initiative bit from meepwn team working with Trend Micro's Zero Day Initiative Addressed a potential issue where when the application is running in single instance mode, it could be exposed to arbitrary code execution or denial of service vulnerability and fail to initialize Pen Input Panel component by calling Co Create Instance function when users open a PDF file by double click after launching the application (CVE-2017-14694).
Addressed a potential issue where the application could be exposed to Buffer Overflow vulnerability when opening certain EPUB file due to the invalid length of size_file_name in CDRecord in the ZIP compression data.
will J of Tencent PC Manager working with Trend Micro's Zero Day Initiative Sudhakar Verma and Ashfaq Ansari - Project Srishti working with Trend Micro's Zero Day Initiative Aleksandar Nikolic of Cisco Talos Addressed a potential issue where the application could be exposed to Remote Code Execution or Information Disclosure vulnerability by abusing Go To E & Go To R Actions to open or run arbitrary executable applications on a target system.
Addressed a potential issues where when the application is not running in Safe-Reading-Mode, it could be exposed to Out-of-Bounds Read Information Disclosure vulnerability with abusing the _JP2_Codestream_Read_SOT function (ZDI-CAN-5549).
Addressed a potential issue where the application could be exposed to arbitrary application execution vulnerability since users could embed executable files to PDF portfolio from within the application (FG-VD-18-029).
Addressed potential issues where the application could be exposed to U3D Out-of-Bounds Read/Write/Access vulnerabilities, which could lead to information disclosure or remote code execution (ZDI-CAN-5425/ZDI-CAN-5428/ ZDI-CAN-5429/ZDI-CAN-5430/ZDI-CAN-5483/ZDI-CAN-5494/ZDI-CAN-5495/ZDI-CAN-5393/ZDI-CAN-5394/ZDI-CAN-5395/ZDI-CAN-5396/ZDI-CAN-5397/ZDI-CAN-5399/ ZDI-CAN-5401/ZDI-CAN-5408/ZDI-CAN-5409/ZDI-CAN-5410/ZDI-CAN-5412/ZDI-CAN-5418/ZDI-CAN-5419/ZDI-CAN-5421/ZDI-CAN-5422/ZDI-CAN-5423/ZDI-CAN-5424/ CVE-2018-5675/CVE-2018-5677/CVE-2018-5679/CVE-2018-5680/ZDI-CAN-5392/ZDI-CAN-5426).