Adobe releases emergency security patches for Acrobat and Reader


Adobe releases emergency security patches for Acrobat and Reader

Jenny Williams

Adobe has released an out-of-band security update for its Reader and Acrobat products for Windows, Mac OS and Unix.

The emergency patches are for several critical security issues, including a zero-day vulnerability disclosed at the Black Hat USA 2010 security conference. The APSB10-17 release comes ahead of the next quarterly security update for the products, scheduled for 12 October.

"The vulnerability is critical and can be used to take control of the targeted computer and should be addressed as soon as possible," said Wolfgang Kandek, CTO at security firm Qualys, in a blog post.

The update will be made available for Reader 9.3.3 and earlier versions for Windows, Mac OS, Unix, and for Acrobat 9.3.3 and earlier versions for Windows and Mac OS. The patch also includes the update to Flash released last week.

Kandek said Google security engineer Tavis Ormandy discovered the vulnerability before the Black Hat presentation. "It is possible that vulnerabilities are discovered independently, both by security researchers and/or malware writers. Tipping Point's ZDI initiative would be in a position to publish statistics on how often they have such an overlap," he added.

Adobe also announced at the Black Hat conference that it is to join Microsoft's Active Protections Programme (Mapp) later this year.

Email Alerts

Register now to receive IT-related news, guides and more, delivered to your inbox.
By submitting your personal information, you agree to receive emails regarding relevant products and special offers from TechTarget and its partners. You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

COMMENTS powered by Disqus  //  Commenting policy