Adobe to issue emergency updates for Reader, Acrobat

By

Out-of-band patch addresses zero-day.

Adobe this week plans to issue an emergency security update for Adobe Reader and Acrobat to fix a number of critical flaws, including a zero-day vulnerability that is being exploited in the wild.

The out-of-band updates for Windows and Mac are expected to be released later today, while an update for UNIX is due on November 30, Adobe said in a notification.

The updates will address a critical, zero-day flaw that is being leveraged in attacks against Reader and Acrobat.

The flaw affects the authplay.dll component, a Flash interpreter, that ships Reader version 9 for Windows, Mac and UNIX and Acrobat 9 for Windows and Mac, Adobe said in an advisory. The vulnerability, disclosed in late October and already patched in Flash Player earlier this month, could cause a crash or allow an attacker to take control of an affected system.

The updates are also set to address a zero-day flaw in Reader that could permit the launch of denial-of-service attacks against affected computers, Adobe said. The vulnerability, complete with proof-of-concept code, was first revealed earlier this month on the Full Disclosure mailing list.

In addition, other critical vulnerabilities patched in Flash Player earlier this month will be addressed in the Reader and Acrobat updates.

Meanwhile, the next scheduled quarterly security updates for Reader and Acrobat are expected on February 8, 2011.

See original article on scmagazineus.com

Adobe to issue emergency updates for Reader, Acrobat
Got a news tip for our journalists? Share it with us anonymously here.
Copyright © SC Magazine, US edition
Tags:

Most Read Articles

Woolworths' CSO is Optus-bound

Woolworths' CSO is Optus-bound

Hackers abuse modified Salesforce app to steal data, extort companies

Hackers abuse modified Salesforce app to steal data, extort companies

Australia's super funds told to assess authentication controls

Australia's super funds told to assess authentication controls

India's alarm over Chinese spying rocks CCTV makers

India's alarm over Chinese spying rocks CCTV makers

Log In

  |  Forgot your password?