Adobe patches Reader and Acrobat for "critical" vulnerabilities

By
Follow google news

In the first of its regular security updates, Adobe has patched several "critical" vulnerabilities it has identified in Adobe Reader and Acrobat.

In a security advisory, Adobe said that the vulnerabilities would cause applications to crash and potentially enable an attacker to take control of an affected system. None of the flaws are being actively exploited, according to Adobe.

The advisory said that users of Reader and Acrobat should update their products to versions 9.1.2, 8.1.6, or 7.1.3. The updates apply to Windows and Macintosh, but updates for Adobe Reader on UNIX platforms will have to wait until June 16.

Specifically, the updates address issues such as stack overflow, memory corruption and heap overflow vulnerabilities that could potentially lead to code execution.

Adobe classifies a vulnerability as “critical” if, when exploited, it would “allow malicious native-code to execute, potentially without a user being aware.”

In May, Adobe announced plans to issue security fixes for Reader and Acrobat on a scheduled basis. The move mirrors similar decisions by other leading software providers such as Microsoft and Oracle, which have moved to monthly and quarterly release cycles, respectively.

"This is the first quarterly security update for Adobe Reader and Acrobat as described in our May 20 blog post," Wendy Poland, a security response program manager, wrote in a post on the company's Product Security Incident Response Team (PSIRT) blog, "and incorporates the initial output of code hardening efforts."

"Adobe is not currently aware of any exploits in the wild for these issues," she added.

See original article on scmagazineus.com


Got a news tip for our journalists? Share it with us anonymously here.
Copyright © SC Magazine, US edition
Tags:
acrobatadobecriticalpatchesreadersecurityvulnerabilities

Sponsored Whitepapers

Uncomplicate IT Service Delivery with AI Agents
Uncomplicate IT Service Delivery with AI Agents
Fintech compliance made fast and secure
Fintech compliance made fast and secure
How to evaluate SIEM solutions Safeguarding your future Get a demo Download guide
How to evaluate SIEM solutions Safeguarding your future Get a demo Download guide
2025 Security operations insights: Three-quarters of security leaders need something new in SIEM
2025 Security operations insights: Three-quarters of security leaders need something new in SIEM
Sumo Logic named in the 2025 Gartner Critical Capabilities for Security Information and Event Management (SIEM)
Sumo Logic named in the 2025 Gartner Critical Capabilities for Security Information and Event Management (SIEM)

Events

Most Read Articles

WhatsApp unveils high-security mode

WhatsApp unveils high-security mode
NSW to overhaul state cyber emergency plan

NSW to overhaul state cyber emergency plan
Google busts giant IPIDEA residential proxy network

Google busts giant IPIDEA residential proxy network
Malware toolkit guarantees store approval for Chrome extensions

Malware toolkit guarantees store approval for Chrome extensions
techpartner.news logo
Sydney-based AI-cloud waste startup raises $3m
Sydney-based AI-cloud waste startup raises $3m
Brennan uses NiCE to modernise its contact centre
Brennan uses NiCE to modernise its contact centre
Impact Awards: Tecala slashes customer response times for fintech IQumulate
Impact Awards: Tecala slashes customer response times for fintech IQumulate
Interactive introduces private cloud platform
Interactive introduces private cloud platform
Digital61 expands cybersecurity portfolio
Digital61 expands cybersecurity portfolio

Log In

  |  Forgot your password?