Adobe plugs critical security holes in Acrobat, Reader

By on
Adobe plugs critical security holes in Acrobat, Reader

Delayed priority one patches now available.

Adobe today released eight security patches for Acrobat and Reader that address vulnerabilities which could allow attackers access to computers should a user open a malicious PDF file.

The updates are categorised as priority one, meaning Adobe considers them critical. One flaw on Windows that is being plugged allows for a sandbox bypass, which in turn can be used to elevate attackers' privileges.

On OS X, two memory corruption issues are being fixed along with a universal cross-scripting vulnerability.

A use-after-free flaw and potential denial-of-service vulnerabilities are also being addressed by the latest batch of patches.

The updates were originally scheduled to be released last week but were delayed due to issues with regression testing, which saw Adobe release just an updated Flash Player.

Patches are provided for Windows and Macintosh running versions:

  • Adobe Reader XI (11.0.08) and earlier 11.x versions for Windows
  • Adobe Reader XI (11.0.07) and earlier 11.x versions for Macintosh
  • Adobe Reader X (10.1.11) and earlier 10.x versions for Windows
  • Adobe Reader X (10.1.10) and earlier 10.x versions for Macintosh
  • Adobe Acrobat XI (11.0.08) and earlier 11.x versions for Windows
  • Adobe Acrobat XI (11.0.07) and earlier 11.x versions for Macintosh
  • Adobe Acrobat X (10.1.11) and earlier 10.x versions for Windows
  • Adobe Acrobat X (10.1.10) and earlier 10.x versions for Macintosh  

Adobe recommends users update their product installations to the latest versions:

Copyright © iTnews.com.au . All rights reserved.
Tags:

Most Read Articles

Log In

Username:
Password:
|  Forgot your password?