TechTarget

Adobe plans fixes for Reader and Acrobat in next security update

Adobe has announced it will address several vulnerabilities in its Reader and Acrobat software in is next quarterly security update on 14 June.

Adobe has announced it will address several vulnerabilities in its Reader and Acrobat software in is next quarterly security update on 14 June.

All the vulnerabilities being patched are rated critical, said Adobe in its pre-notification Security Advisory.

Adobe defines critical vulnerabilities as those which would allow attackers to execute malicious code.

The patches will fix bugs in Adobe Reader X and Acrobat X as well as versions 9.4.3 and earlier for both Windows and Mac OS X, according to the pre-notification, but Adobe Reader for Android is not mentioned.

The update will address some long outstanding vulnerabilities, but Adobe has released a number of unscheduled patches in the past few months, including one just a few days ago for Flash Player to patch a zero-day cross-site scripting vulnerability.

The company noted the cross-site scripting flaw also affected the authplay.dll component in Reader and Acrobat. This particular issue is supposed to be fixed for Reader and Acrobat X and earlier 10.x and 9.x versions for both Windows and Mac OS X in the coming quarterly update.

In March and April, Adobe issued out-of-band updates for all versions except Reader and Acrobat X, to close security holes that allowed attackers to embed malicious Flash code into other documents.

The company delayed updates to these two applications to the scheduled quarterly update because their sandbox architecture prevented the rogue Flash files from executing, reducing the risk.

Summary: Affected software versions

Adobe Reader X (10.0.1) and earlier versions for Windows

Adobe Reader X (10.0.3) and earlier versions for Macintosh

Adobe Reader 9.4.3 and earlier versions for Windows and Macintosh

Adobe Acrobat X (10.0.3) and earlier versions for Windows and Macintosh

Adobe Acrobat 9.4.3 and earlier versions for Windows and Macintosh

CW+

Features

Enjoy the benefits of CW+ membership, learn more and join.

Read more

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchCIO

SearchSecurity

SearchNetworking

SearchDataManagement

Close