Adobe has released a huge patch to fix flaws in its Reader and Acrobat software.
In a security advisory, Adobe said that the patches covered heap, integer and buffer overflow vulnerabilities, as well as memory corruption issues that could be used in a denial of service attack.
They are for Adobe Reader 9.1.3 and Acrobat 9.1.3, Adobe Reader 8.1.6 and Acrobat 8.1.6 for Windows, Macintosh and UNIX, and Adobe Reader 7.1.3 and Acrobat 7.1.3 for Windows and Macintosh.
The patch includes a fix for a zero-day flaw that was being exploited by malware writers, Adobe warned.
“While Adobe may be catching up to Microsoft in terms of flaws in their software, they could tear a few pages from Microsoft's playbook on how to cope,” said Sophos' Chester Wisniewski in a blog post.
“Microsoft has taken security much more seriously in the last year and a half, and it shows. They are embracing the community's demands about openness and reliably delivering updates to IT departments in a predictable way.”