Adobe to issue emergency updates for Reader, Acrobat

By on
Adobe to issue emergency updates for Reader, Acrobat

Out-of-band patch addresses zero-day.

Adobe this week plans to issue an emergency security update for Adobe Reader and Acrobat to fix a number of critical flaws, including a zero-day vulnerability that is being exploited in the wild.

The out-of-band updates for Windows and Mac are expected to be released later today, while an update for UNIX is due on November 30, Adobe said in a notification.

The updates will address a critical, zero-day flaw that is being leveraged in attacks against Reader and Acrobat.

The flaw affects the authplay.dll component, a Flash interpreter, that ships Reader version 9 for Windows, Mac and UNIX and Acrobat 9 for Windows and Mac, Adobe said in an advisory. The vulnerability, disclosed in late October and already patched in Flash Player earlier this month, could cause a crash or allow an attacker to take control of an affected system.

The updates are also set to address a zero-day flaw in Reader that could permit the launch of denial-of-service attacks against affected computers, Adobe said. The vulnerability, complete with proof-of-concept code, was first revealed earlier this month on the Full Disclosure mailing list.

In addition, other critical vulnerabilities patched in Flash Player earlier this month will be addressed in the Reader and Acrobat updates.

Meanwhile, the next scheduled quarterly security updates for Reader and Acrobat are expected on February 8, 2011.

See original article on scmagazineus.com

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © SC Magazine, US edition
Tags:
acrobatadobeemergencyforissuereadersecuritytoupdates

Sponsored Whitepapers

Free eBook: Digital Transformation 101 – for banks
Free eBook: Digital Transformation 101 – for banks
Why financial services need to tackle their Middle Office
Why financial services need to tackle their Middle Office
Learn: The latest way to transfer files between customers
Learn: The latest way to transfer files between customers
Extracting the value of data using Unified Observability
Extracting the value of data using Unified Observability
Planning before the breach: You can’t protect what you can’t see
Planning before the breach: You can’t protect what you can’t see

Events

Most Read Articles

Aussie Broadband nears end of NBN PoI fibre rollout

Aussie Broadband nears end of NBN PoI fibre rollout
Telstra deregisters 900MHz sites “hindering” Optus 5G rollout

Telstra deregisters 900MHz sites “hindering” Optus 5G rollout
Student details, photos exposed in University of WA data breach

Student details, photos exposed in University of WA data breach
Transport for NSW exits Global Switch data centre

Transport for NSW exits Global Switch data centre

Digital Nation

Case Study: Multicloud business drivers at MLC Life Insurance
Case Study: Multicloud business drivers at MLC Life Insurance
COVER STORY: Multiple cloud models make security more complex
COVER STORY: Multiple cloud models make security more complex
Personalisation strategies need to be built from the ground up
Personalisation strategies need to be built from the ground up
COVER STORY: What happens when Google changes its algorithm?
COVER STORY: What happens when Google changes its algorithm?
Case Study: Swinburne University overhauls student management system
Case Study: Swinburne University overhauls student management system

Log In

  |  Forgot your password?