News

Adobe releases emergency security patches for Acrobat and Reader

Jenny Williams

Adobe has released an out-of-band security update for its Reader and Acrobat products for Windows, Mac OS and Unix.

The emergency patches are for several critical security issues, including a zero-day vulnerability disclosed at the Black Hat USA 2010 security conference. The APSB10-17 release comes ahead of the next quarterly security update for the products, scheduled for 12 October.

"The vulnerability is critical and can be used to take control of the targeted computer and should be addressed as soon as possible," said Wolfgang Kandek, CTO at security firm Qualys, in a blog post.

The update will be made available for Reader 9.3.3 and earlier versions for Windows, Mac OS, Unix, and for Acrobat 9.3.3 and earlier versions for Windows and Mac OS. The patch also includes the update to Flash released last week.

Kandek said Google security engineer Tavis Ormandy discovered the vulnerability before the Black Hat presentation. "It is possible that vulnerabilities are discovered independently, both by security researchers and/or malware writers. Tipping Point's ZDI initiative would be in a position to publish statistics on how often they have such an overlap," he added.

Adobe also announced at the Black Hat conference that it is to join Microsoft's Active Protections Programme (Mapp) later this year.


Email Alerts

Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
 

COMMENTS powered by Disqus  //  Commenting policy