Question
Why is Acrobat showing as vulnerable when I can confirm that the machine has an up to date version of the software?
Answer
JavaScript is used to query the user's browser for the version of each plugin in use. For unknown reasons Internet Explorer (and only IE) limits the returned version to the first two decimal points. For example, if the user is actually running version 11.0.10, we will report that the user is running 11.0.0.0 as IE doesn't let us see past 11.0.?.? To be clear, this is limitation implemented by Microsoft within IE and not an issue with the Phishing product. We made the decision to mark Acrobat on IE as vulnerable, even in cases where IE prevents us from seeing the full string. This approach is to avoid false-negatives wherein the version in use is actually vulnerable but not marked as such.
See also Endpoint Vulnerability Check, Difference in Vulnerability and Browser Fingerprinting for additional information