Adobe Systems Inc. plans to release a critical update today to its Reader and Acrobat PDF software, resolving a number of critical security issues.
In an Adobe advisory issued last week, the software maker said the update is part of its quarterly patching schedule. Details about the vulnerabilities were not released. Flaws marked as critical typically can be easily exploited and allow attackers to execute code remotely, taking control of an affected machine.
In addition, Adobe issued an out-of-band fix, repairing a critical security vulnerability in Flash Player. The update affects Flash Player versions 10.0.42.34 and earlier, as well as Adobe AIR versions 220.127.116.1120 and earlier. According to Adobe, the Flash flaw could enable an attacker to bypass restrictions and make anonymous requests to malicious third-party sites, poisoning Flash ads and videos.