Adobe plugs critical security holes in Acrobat, Reader

By

Delayed priority one patches now available.

Adobe today released eight security patches for Acrobat and Reader that address vulnerabilities which could allow attackers access to computers should a user open a malicious PDF file.

Adobe plugs critical security holes in Acrobat, Reader

The updates are categorised as priority one, meaning Adobe considers them critical. One flaw on Windows that is being plugged allows for a sandbox bypass, which in turn can be used to elevate attackers' privileges.

On OS X, two memory corruption issues are being fixed along with a universal cross-scripting vulnerability.

A use-after-free flaw and potential denial-of-service vulnerabilities are also being addressed by the latest batch of patches.

The updates were originally scheduled to be released last week but were delayed due to issues with regression testing, which saw Adobe release just an updated Flash Player.

Patches are provided for Windows and Macintosh running versions:

  • Adobe Reader XI (11.0.08) and earlier 11.x versions for Windows
  • Adobe Reader XI (11.0.07) and earlier 11.x versions for Macintosh
  • Adobe Reader X (10.1.11) and earlier 10.x versions for Windows
  • Adobe Reader X (10.1.10) and earlier 10.x versions for Macintosh
  • Adobe Acrobat XI (11.0.08) and earlier 11.x versions for Windows
  • Adobe Acrobat XI (11.0.07) and earlier 11.x versions for Macintosh
  • Adobe Acrobat X (10.1.11) and earlier 10.x versions for Windows
  • Adobe Acrobat X (10.1.10) and earlier 10.x versions for Macintosh  

Adobe recommends users update their product installations to the latest versions:

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © iTnews.com.au . All rights reserved.
Tags:

Most Read Articles

Qantas facing 'significant' data theft after cyber attack

Qantas facing 'significant' data theft after cyber attack

Home Affairs officer accessed data on "friends and associates"

Home Affairs officer accessed data on "friends and associates"

International Criminal Court hit by cyber attack

International Criminal Court hit by cyber attack

Ex-student charged over Western Sydney University cyberattacks

Ex-student charged over Western Sydney University cyberattacks

Log In

  |  Forgot your password?