Adobe fills 17 Reader and Acrobat holes

By

Software firm accelerates patch cycle to address critical flaws.

Adobe has released updates for its popular Reader and Acrobat software that fix 17 separate vulnerabilities including one that could enable hackers to take control of a user’s PC.

Adobe Reader and Acrobat 9.3.3 and 8.2.3 is an accelerated quarterly release originally slated for 13 July, fixing a number of issues that the firm has already disclosed. The next quarterly update is scheduled for 12 October.

One of the flaws, already being exploited in the wild, relates to the authplay.dll component that ships with Adobe Reader and Acrobat 9.x for Windows, Macintosh and Unix and could cause a crash and potentially allow an attacker to take control of the affected system.

Another fix mitigates a social engineering attack that could lead to code execution, according to Adobe. This flaw was first disclosed in March and takes advantage of PDF "/launch" functionality.

“Today's update includes changes to resolve the misuse of this command,” wrote Adobe product manager Steve Gottwals in a blog post.

“We added functionality to block any attempts to launch an executable or other harmful objects by default. We also altered the way the existing warning dialog works to thwart the known social engineering attacks.”

Adobe fills 17 Reader and Acrobat holes
Got a news tip for our journalists? Share it with us anonymously here.
Copyright ©v3.co.uk
Tags:

Most Read Articles

NSW Police to embark on $126m IT overhaul

NSW Police to embark on $126m IT overhaul

CBA looks to GenAI to assist 1200 'security champions'

CBA looks to GenAI to assist 1200 'security champions'

Australia's super funds told to assess authentication controls

Australia's super funds told to assess authentication controls

WestJet probes cyber security incident

WestJet probes cyber security incident

Log In

  |  Forgot your password?